Home
LOW: 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:NDefault status
unaffected
10.0.0 - 10.0.15, 11.0.0 - 11.0.5
affected
Description
HCL BigFix Platform is affected by a user enumeration vulnerability which might allow an attacker, through careful system control and response time monitoring, to perform some level of user enumeration for the BigFix service.
Problem types
CWE-208 Observable timing discrepancy
Product status
10.0.0 - 10.0.15, 11.0.0 - 11.0.5
References
support.hcl-software.com/...rticle&sysparm_article=KB0132093