9.8

CVE-2025-31973: HCL BigFix SM uses outdated base images, increasing exploitation risk

Summary

The HCL BigFix Service Management application uses outdated or insecure base images, which can introduce known vulnerabilities. This makes the application environment more susceptible to exploitation. To mitigate this risk, update the base images to the latest, secure versions.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
Vendor: hcltech · Product: bigfix_service_management · Affected versions: 23.0
cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*
Original title
HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially...
Original description
HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment.
NVD CVSS 3.1: 4.0
Published: 20 May 2026 · Updated: 28 May 2026 · First seen: 20 May 2026