{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-31958", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "state": "PUBLISHED", "assignerShortName": "HCL", "dateReserved": "2025-04-01T18:46:19.517Z", "datePublished": "2026-04-21T13:59:14.787Z", "dateUpdated": "2026-04-21T19:32:20.831Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2026-04-21T13:59:14.787Z"}, "title": "HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling", "datePublic": "2026-04-20T13:55:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-444", "description": "CWE-444 Inconsistent interpretation of HTTP requests ('HTTP Request/Response smuggling')", "type": "CWE"}]}], "affected": [{"vendor": "HCLSoftware", "product": "BigFix Service Management (SM)", "versions": [{"status": "affected", "version": "23"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "HCL BigFix Service Management is susceptible to HTTP Request Smuggling.\u00a0 HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end servers, allowing attackers to bypass security controls and perform attacks like cache poisoning or request hijacking.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "HCL BigFix Service Management is susceptible to HTTP Request Smuggling.  HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end servers, allowing attackers to bypass security controls and perform attacks like cache poisoning or request hijacking."}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124209"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "LOW", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-21T19:32:02.512507Z", "id": "CVE-2025-31958", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T19:32:20.831Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-31958", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-21T19:32:02.512507Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-21T19:32:09.931Z"}}], "cna": {"title": "HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "HCLSoftware", "product": "BigFix Service Management (SM)", "versions": [{"status": "affected", "version": "23"}], "defaultStatus": "unaffected"}], "datePublic": "2026-04-20T13:55:00.000Z", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124209"}], "x_generator": {"engine": "Vulnogram 1.0.0"}, "descriptions": [{"lang": "en", "value": "HCL BigFix Service Management is susceptible to HTTP Request Smuggling.\u00a0 HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end servers, allowing attackers to bypass security controls and perform attacks like cache poisoning or request hijacking.", "supportingMedia": [{"type": "text/html", "value": "HCL BigFix Service Management is susceptible to HTTP Request Smuggling.  HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end servers, allowing attackers to bypass security controls and perform attacks like cache poisoning or request hijacking.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-444", "description": "CWE-444 Inconsistent interpretation of HTTP requests ('HTTP Request/Response smuggling')"}]}], "providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2026-04-21T13:59:14.787Z"}}}, "cveMetadata": {"cveId": "CVE-2025-31958", "state": "PUBLISHED", "dateUpdated": "2026-04-21T19:32:20.831Z", "dateReserved": "2025-04-01T18:46:19.517Z", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "datePublished": "2026-04-21T13:59:14.787Z", "assignerShortName": "HCL"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "HCL BigFix Service Management is susceptible to HTTP Request Smuggling.\u00a0 HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end servers, allowing attackers to bypass security controls and perform attacks like cache poisoning or request hijacking."}], "id": "CVE-2025-31958", "lastModified": "2026-04-21T16:20:24.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "psirt@hcl.com", "type": "Secondary"}]}, "published": "2026-04-21T15:16:35.440", "references": [{"source": "psirt@hcl.com", "url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124209"}], "sourceIdentifier": "psirt@hcl.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-444"}], "source": "psirt@hcl.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[23,23]"}}], "enrichment": {"confidence": 84.0, "confidence_source": "matching", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 84.0, "source": "matching"}]}, "original": {"product": "BigFix Service Management (SM)", "source": "cna", "vendor": "HCLSoftware"}, "product": "bigfix_service_management", "vendor": "hcltech"}], "analysis": {"en": {"generated_at": "2026-04-21T22:49:22.263253+00:00", "value": {"mitigation_remediation": ["Follow the vendor's guidance (e.g., the HCL support article KB0124209) to apply any available patch or update to the latest BigFix Service Management release.", "Ensure that the front\u2011end and back\u2011end web servers are configured with identical request parsing rules to eliminate inconsistencies that enable smuggling.", "Deploy a Web Application Firewall or HTTP proxy that rejects duplicate or conflicting headers and enforces strict content\u2011length validation.", "Monitor HTTP traffic for characteristics of request smuggling, such as duplicate transfer\u2011encoding or content\u2011length headers, and review logs for anomalous requests.", "If a patch is not immediately available, isolate the BigFix SM service behind a reverse proxy that normalizes request formatting and blocks smuggling attempts."], "summary": {"action": "Monitor", "impact": "Security Control Bypass via HTTP Request Smuggling"}, "threat_synthesis": {"affected_systems": "The product affected is HCLSoftware: BigFix Service Management (SM). No specific version information is provided, so the issue may be relevant to all installations of the product that employ the implicated HTTP request handling components.", "description_and_impact": "HTTP Request Smuggling occurs when a front\u2011end and back\u2011end server parse the same request differently, allowing an attacker to split or duplicate a request. In HCL BigFix Service Management, this flaw can let a malicious actor trick the system into ignoring request boundaries, potentially bypassing authentication or other security controls. The vulnerability is classified as CWE-444 and can lead to cache poisoning or request hijacking.", "risk_and_exploitability": "The CVSS score of 3.7 indicates low severity, and the lack of an EPSS score suggests limited publicly known exploitation activity. It is not listed in the CISA KEV catalog. The attack requires crafting malicious HTTP requests and exploiting server parsing inconsistencies, meaning the threat surface is confined to environments that expose the SM web interface. Overall risk is moderate, mainly due to the potential to bypass controls even though the impact is limited by the low CVSS value."}}}}, "created": "2026-04-21T23:00:03.480969+00:00", "updated": "2026-04-22T11:46:31.726549+00:00", "vendors": ["hcltech", "hcltech$PRODUCT$bigfix_service_management"]}