CVE-2025-31965

Summary

Improper access restrictions in HCL BigFix Remote Control Server WebUI (versions 10.1.0.0248 and lower) allow non-admin users to view unauthorized information on certain web pages.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareBigFix Remote Control<=10.1.0.0248affected

Weaknesses

  • CWE-305: CWE-305 Authentication Bypass by Primary Weakness

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References