HCL BigFix SM Sensitive Information Exposure Vulnerability

Vulnerability

A sensitive information exposure vulnerability exists in HCL BigFix Service Management (SM) version 23. Internal connections lack TLS encryption, potentially allowing unauthorized access to sensitive data transmitted between internal components.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive data being transmitted between internal components of HCL BigFix SM.

Remediation

Users can upgrade to HCL BigFix SM version 26.0 to address this vulnerability.

Added: Aug 28, 2025, 5:26 PM
Updated: Aug 28, 2025, 5:26 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 4.5
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.