HCL BigFix Platform is affected by insufficient authentication

Description

HCL BigFix Platform is affected by insufficient authentication. The application might allow users to access sensitive areas of the application without proper authentication.

Affected Products

Vendor	Product	Versions
hcl	bigfix platform	11.0.0 - 11.0.5

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129906

Related News (1 articles)

Tier C

VulDB2h ago

CVE-2026-21767 | HCL BigFix Platform missing authentication (KB0129906)

→ No new info (linked only)

CVSS 3.13.6 HIGH

VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-306

PublishedApr 1, 2026

Last enriched1h agov2

Trending Score47

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

Version History

Last enriched 1h ago

v2Tier C1h ago

Updated severity to HIGH, CVSS estimate to 3.6, and noted that the exploit is not available but the vulnerability is actively exploited.

severitycvssEstimateactivelyExploited

via VulDB

v12h ago

Initial creation

HCL BigFix Platform is affected by insufficient authentication

Description

Affected Products

References

Related News (1 articles)

Community Vote

Related CVEs (4)

Pin to Dashboard

Verification

Vulnerability Timeline

Version History