HCL BigFix Platform is affected by insecure permissions on private cryptographic keys

Description

A vulnerability identified as problematic has been detected in HCL BigFix Platform. Affected by this vulnerability is an unknown functionality of the component File System Handler. Performing a manipulation results in incorrect permission assignment.

Affected Products

Vendor	Product	Versions
hcl	bigfix	11.0.0 - 11.0.5

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129906

Related News (1 articles)

Tier C

VulDB6h ago

CVE-2026-21765 | HCL BigFix Platform File System permission assignment (KB0129906)

→ No new info (linked only)

CVSS 3.18.8 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA KEV❌ No

Actively exploited❌ No

CWECWE-732, CWE-276

PublishedApr 1, 2026

Last enriched5h agov2

Trending Score27

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

Version History

Last enriched 5h ago

v2Tier C5h ago

Updated description with new technical details and confirmed no available exploit.

description

via VulDB

v16h ago

Initial creation

HCL BigFix Platform is affected by insecure permissions on private cryptographic keys

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (4)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History