Vulnerability Database

308,820

Total vulnerabilities in the database

CVE-2025-31979

A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix SM, where the application fails to properly enforce file type restrictions during the upload process. An attacker may exploit this flaw to upload malicious or unauthorized files, such as scripts, executables, or web shells, by bypassing client-side or server-side validation mechanisms.

Published: Aug 28, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-31979
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWEs:

CWE-434

Affected Software
References

No affected software listed.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123631

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo