Security Advisory

CVE-2025-31962

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-07 06:48:19

Last updated 2026-01-07 16:13:31

Assigner HCL

State PUBLISHED

Description

Insufficient session expiration in the Web UI authentication component in HCL BigFix IVR version 4.2 allows an authenticated attacker to gain prolonged unauthorized access to protected API endpoints due to excessive expiration periods.

← Browse all CVEs View on cve.org ↗