CVE-2025-31973
MEDIUMDescription
HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment.
Is your site exposed to CVE-2025-31973?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Affected Products
| Vendor | Product |
|---|---|
| hcltech | bigfix_service_management |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-31973? +
How severe is CVE-2025-31973? +
What products are affected by CVE-2025-31973? +
How do I check if I'm vulnerable to CVE-2025-31973? +
Related Vulnerabilities
HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web server that returns malicious …
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a …
HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API. An attacker may …
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their …
The Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. An attacker with the ability to edit …
HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Controller APIs) vulnerability. Certain API endpoints are accessible to Customer …