Description
HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.  An attacker with access to the network traffic can sniff packets from the connection and uncover the data.
Published: 2026-04-21
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unencrypted network traffic exposes sensitive data to passive sniffers
Action: Apply Patch
AI Analysis

Impact

HCL BigFix Service Management (SM) Discovery allows unencrypted communication because the default HTTP port 80 is open and encryption is not enforced. This flaw enables an attacker with the ability to capture network traffic to read any data transmitted between the service and its clients, potentially including sensitive configuration or system information. The weakness falls under CWE-319: Improper Validation of Primitive Data. The impact is limited to confidentiality loss for data passing over the line, as the vulnerability does not provide direct execution or privilege escalation capabilities.

Affected Systems

The vulnerability is specific to HCLSoftware’s BigFix Service Management (SM) product. No particular version range is listed in the available CNA data, so all revisions of the product that expose port 80 without encryption are potentially affected.

Risk and Exploitability

The CVSS score is 5.3, indicating a moderate risk. The EPSS score is not available, and the vulnerability is not listed in CISA’s KEV catalog. Exploitation requires network-level access to sniff traffic; it does not require authentication or user interaction. Attackers in the same network segment or with compromised network devices could capture the data, making the issue more critical in environments with poorly segmented or insecure networks.

Generated by OpenCVE AI on April 21, 2026 at 22:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Configure BigFix Service Management to use HTTPS on port 443 and disable or block traffic on the HTTP port 80
  • Apply the latest vendor patch or upgrade to a version that enforces encryption for all discovery traffic
  • Implement network segmentation and enforce isolated VLANs or VPN tunnels to limit exposure of service traffic to only trusted hosts

Generated by OpenCVE AI on April 21, 2026 at 22:47 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 22 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*

Wed, 22 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Hcltech
Hcltech bigfix Service Management
Vendors & Products Hcltech
Hcltech bigfix Service Management

Wed, 22 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 21 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.  An attacker with access to the network traffic can sniff packets from the connection and uncover the data.
Title HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption
Weaknesses CWE-319
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

Subscriptions

Hcltech Bigfix Service Management
cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published:

Updated: 2026-04-21T19:28:19.397Z

Reserved: 2025-04-01T18:46:33.655Z

Link: CVE-2025-31981

cve-icon Vulnrichment

Updated: 2026-04-21T19:28:15.979Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-21T15:16:35.580

Modified: 2026-04-22T15:09:37.547

Link: CVE-2025-31981

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-22T11:46:23Z

Weaknesses