CVE-2025-31963
HCL BigFix IVR is impacted by improper authentication and missing CSRF protection
Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration requests.
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N
Productos afectados
HCLSoftware · BigFix IVR¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →