CVE-2025-31973: HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'
HCL BigFix Service Management (SM) is susceptible to a configuration weakness, 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment.
Frequently Asked Questions
What is the severity of CVE-2025-31973?
The severity of CVE-2025-31973 is categorized as a medium risk due to the potential for exploitation through outdated base images.
How do I fix CVE-2025-31973?
To fix CVE-2025-31973, ensure that you update to a secure base image version and review your configuration settings.
What types of vulnerabilities are associated with CVE-2025-31973?
CVE-2025-31973 is associated with vulnerabilities from the insecure use of outdated or vulnerable base images.
Which versions of HCL BigFix Service Management are affected by CVE-2025-31973?
CVE-2025-31973 affects all versions of HCL BigFix Service Management that utilize insecure base images.
Is there a workaround for CVE-2025-31973 if I cannot update immediately?
If you cannot update immediately, limiting the exposure of affected systems and monitoring for unusual activity can serve as a temporary workaround for CVE-2025-31973.