Security Advisory

CVE-2025-31963

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-07 07:05:40

Last updated 2026-01-07 16:13:25

Assigner HCL

State PUBLISHED

Description

Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration requests.

← Browse all CVEs View on cve.org ↗