CVE-2025-31975: HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified.
Published May 6, 2026
·Updated
HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities.
Affected Software
2 affected components
HCL HCL BigFix Service Management
hcltech Bigfix Service Management=23.0
Event History
May 6, 2026
CVE Published
via MITRE·01:51 PM
Data Sourced
via MITRE·01:51 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·03:16 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2025-31975?
The severity of CVE-2025-31975 is classified as moderate due to potential information disclosure risks.
2
How do I fix CVE-2025-31975?
To fix CVE-2025-31975, ensure that server banners are properly configured to obfuscate software version information.
3
What type of vulnerability is CVE-2025-31975?
CVE-2025-31975 is an Information Disclosure vulnerability affecting HCL BigFix Service Management.
4
What could be exposed due to CVE-2025-31975?
CVE-2025-31975 could expose server banners that may disclose software versions and system configuration details.
5
Which software is affected by CVE-2025-31975?
CVE-2025-31975 affects the HCL BigFix Service Management software.