A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix SM, where the application fails to properly enforce file type restrictions during the upload process. An attacker may exploit this flaw to upload malicious or unauthorized files, such as scripts, executables, or web shells, by bypassing client-side or server-side validation mechanisms.
Metrics
Affected Vendors & Products
References
History
Thu, 28 Aug 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 28 Aug 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix SM, where the application fails to properly enforce file type restrictions during the upload process. An attacker may exploit this flaw to upload malicious or unauthorized files, such as scripts, executables, or web shells, by bypassing client-side or server-side validation mechanisms. | |
Title | A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix Service Management (SM) | |
Weaknesses | CWE-434 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: HCL
Published:
Updated: 2025-08-28T17:14:09.146Z
Reserved: 2025-04-01T18:46:26.621Z
Link: CVE-2025-31979

Updated: 2025-08-28T17:14:06.726Z

Status : Awaiting Analysis
Published: 2025-08-28T17:15:35.650
Modified: 2025-08-29T16:24:29.730
Link: CVE-2025-31979

No data.

No data.