Home

Description

HCL BigFix Platform is affected by a user enumeration vulnerability which might allow an attacker, through careful system control and response time monitoring, to perform some level of user enumeration for the BigFix service.

PUBLISHED Reserved 2026-01-05 | Published 2026-07-14 | Updated 2026-07-14 | Assigner HCL




LOW: 3.1CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-208 Observable timing discrepancy

Product status

Default status
unaffected

10.0.0 - 10.0.15, 11.0.0 - 11.0.5
affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0132093

cve.org (CVE-2026-21840)

nvd.nist.gov (CVE-2026-21840)

Download JSON