Bigfix Service Management (Sm)

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:hclsoftware:bigfix_service_management_(sm):*:*:*:*:*:*:*:*

part: a version: * update: *

VendorHclsoftware (06fdb6ce-b596-52c8-8d32-13dd34a56cea)
ProductBigfix Service Management (Sm) (cfb20da1-e61d-56f5-bdae-0d4a9f4259b4)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-31981 vulnerable 2026-06-03 15:00:39.749312 HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption
MEDIUM (5.3)
HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.  An attacker with access to the network traffic can sniff packets from the connection and uncover the data.
Published: 2026-04-21T14:26:39.400Z
Updated: 2026-04-21T19:28:19.397Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-31958 vulnerable 2026-06-03 15:00:39.711563 HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling
LOW (3.7)
HCL BigFix Service Management is susceptible to HTTP Request Smuggling.  HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end servers, allowing attackers to bypass security controls and perform attacks like cache poisoning or request hijacking.
Published: 2026-04-21T13:59:14.787Z
Updated: 2026-04-21T19:32:20.831Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.