Bigfix Service Management (Sm)
Approved changes feed: RSS · Atom
cpe:2.3:a:hcl:bigfix_service_management_(sm):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Hcl (1d3f8112-3eea-57b2-9fe3-0239de9402c9) |
|---|---|
| Product | Bigfix Service Management (Sm) (ddacd640-9b0e-5867-a9e6-540627ee3f2d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-52613 |
vulnerable | 2026-06-03 15:03:52.150729 |
HCL BigFix Service Management (SM) is affected by use of a vulnerable component
MEDIUM (4.6)
HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access.
Published: 2026-05-06T13:50:47.494Z
Updated: 2026-05-06T14:46:49.273Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-31985 |
vulnerable | 2026-06-03 15:00:39.750900 |
HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header
LOW (3.7)
HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly.
Published: 2026-05-20T11:28:03.667Z
Updated: 2026-05-20T12:50:45.836Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-31984 |
vulnerable | 2026-06-03 15:00:39.750503 |
HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header
LOW (3.7)
HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, potentially causing malicious content to be interpreted and executed incorrectly.
Published: 2026-05-06T13:44:09.531Z
Updated: 2026-05-06T14:48:38.299Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-31983 |
vulnerable | 2026-06-03 15:00:39.750012 |
HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header
LOW (3.7)
HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting (XSS) and potential exposure of sensitive information.
Published: 2026-05-06T13:40:41.736Z
Updated: 2026-05-06T14:49:05.461Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-31975 |
vulnerable | 2026-06-03 15:00:39.747596 |
HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified.
LOW (2.6)
HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities.
Published: 2026-05-06T13:51:40.756Z
Updated: 2026-05-06T14:46:31.277Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-31973 |
vulnerable | 2026-06-03 15:00:39.746844 |
HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'
MEDIUM (4)
HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment.
Published: 2026-05-20T11:25:44.157Z
Updated: 2026-05-20T12:51:05.651Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-31960 |
vulnerable | 2026-06-03 15:00:39.713306 |
HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module
MEDIUM (5.3)
HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumer_company parameter during a report-viewing request causes the application to trigger an unhandled exception.
Published: 2026-05-06T18:02:52.716Z
Updated: 2026-05-06T18:31:51.261Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-30151 |
vulnerable | 2026-06-03 14:55:37.363445 |
HCL BigFix Service Management (SM) is susceptible to Broken Access Control Vulnerability
HIGH (8.3)
HCL BigFix Service Management (SX) is affected by a Broken Access Control vulnerability leading to privilege escalation. This could allow unauthorized users to gain elevated privileges, bypassing intended access restrictions. This may result in exposure of sensitive data or unauthorized system modifications
Published: 2026-05-06T18:14:11.693Z
Updated: 2026-05-06T18:31:25.156Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.