User Enumeration Vulnerability in HCL BigFix Platform
CVE-2026-21840
3.1LOW
What is CVE-2026-21840?
The HCL BigFix Platform contains a user enumeration vulnerability that can be exploited by an attacker who closely monitors system control and response times. This could lead to revealing valid usernames, thereby compromising the service's security integrity. The risk arises from the potential for unauthorized users to identify legitimate accounts within the platform.
Affected Version(s)
HCL BigFix Platform 10.0.0 - 10.0.15, 11.0.0 - 11.0.5
