CVE-2025-31964

Sažetak

Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability via exposure of administrative services bound to external network interfaces instead of the local authentication interface.

Reference

CVSS

Base:	2.2
Impact:	1.4
Exploitability:	0.7

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	LOW

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

Zadnje važnije ažuriranje

07-01-2026 - 12:17

Objavljeno

07-01-2026 - 12:17