CVE-2025-31962 in BigFix IVRinfo

Zusammenfassung

von MITRE • 07.01.2026

Insufficient session expiration in the Web UI authentication component in HCL BigFix IVR version 4.2 allows an authenticated attacker to gain prolonged unauthorized access to protected API endpoints due to excessive expiration periods.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

HCL

Reservieren

01.04.2025

Veröffentlichung

07.01.2026

Moderieren

akzeptiert

Eintrag

VDB-339875

CPE

bereit

CWE

CWE-613 (bestätigt)

CVSS

4.3 (NVD)

EPSS

0.00050

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-31962
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-31962
CVE Details	https://www.cvedetails.com/cve/CVE-2025-31962/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!