CVE-2025-31965HIGH 8.2EPSS p8.0%

CVE-2025-31965CVE-2025-31965

Description

Improper access restrictions in HCL BigFix Remote Control Server WebUI (versions 10.1.0.0248 and lower) allow non-admin users to view unauthorized information on certain web pages.

Scoring

CVSS 3.18.2 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:L
EPSS0.18% probability of exploitation · percentile 8.0% · 2026-06-19T12:03:05Z
Published2025-07-29
Last modified2026-04-15

Underlying weaknesses· 1

CWE-305

References

  1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122906

1

TypeTargetConfidenceTier
WeaknessAuthentication Bypass by Primary Weaknesscwe-3050%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-21785
CVE
CVE-2025-62338
CVE
CVE-2025-31973
CVE
CVE-2025-31958
CVE
CVE-2025-52613
CVE
CVE-2025-31951
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.