CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-31963

Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration requests.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.3%

CVSS Severity

CVSS v3 Score 2.9

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127753

Products affected by CVE-2025-31963

Hcltech » Bigfix Insights For Vulnerability Remediation » Version: 4.2

cpe:2.3:a:hcltech:bigfix_insights_for_vulnerability_remediation:4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-31963

Products

Pricing

Contact Us