CVE-2026-21840
HCL BigFix Platform is affected by a user enumeration vulnerability
CVSS Score
3.1
EPSS Score
0.0%
EPSS Percentile
0th
HCL BigFix Platform is affected by a user enumeration vulnerability which might allow an attacker, through careful system control and response time monitoring, to perform some level of user enumeration for the BigFix service.
| CWE | CWE-208 |
| Vendor | hclsoftware |
| Product | hcl bigfix platform |
| Published | Jul 14, 2026 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for hclsoftware hcl bigfix platform
Be the first to know when new low vulnerabilities affecting hclsoftware hcl bigfix platform are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Affected Versions
HCLSoftware / HCL BigFix Platform
10.0.0 - 10.0.15, 11.0.0 - 11.0.5