Known Vulnerabilities for Bigfix Platform by Hcltech
Listed below are 8 of the newest known vulnerabilities associated with "Bigfix Platform" by "Hcltech".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-21767 | HCL BigFix Platform is affected by insufficient authentication. The application might allow users to access sensitive area... | Not Provided | 2026-04-02 | 2026-04-01 |
| CVE-2026-21765 | HCL BigFix Platform is affected by insecure permissions on private cryptographic keys. The private cryptographic keys locat... | Not Provided | 2026-04-02 | 2026-04-01 |
| CVE-2021-27767 | The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could ... | 7.8 - HIGH | 2022-05-06 | 2022-05-16 |
| CVE-2021-27766 | The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could a... | 7.8 - HIGH | 2022-05-06 | 2022-05-16 |
| CVE-2021-27765 | The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that cou... | 7.8 - HIGH | 2022-05-06 | 2022-05-16 |
| CVE-2021-27762 | Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web respo... | 9.8 - CRITICAL | 2022-05-06 | 2022-05-18 |
| CVE-2021-27761 | Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks | 7.5 - HIGH | 2022-05-06 | 2022-05-18 |
| CVE-2020-14254 | TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled t... | 7.5 - HIGH | 2020-12-16 | 2021-07-21 |
| CVE-2020-14248 | BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the c... | 5.3 - MEDIUM | 2020-12-16 | 2020-12-23 |
| CVE-2020-4095 | "BigFix Platform is storing clear text credentials within the system's memory. An attacker who is able to gain administrative... | 6 - MEDIUM | 2020-07-16 | 2021-07-21 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hcltech | Bigfix Platform | 9.5.9 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.7 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.6 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.5 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.3 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.2 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.15 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.14 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.13 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.12 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.11 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5.10 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.5 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.2.19 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.2 | All | All | All |
| Application | Hcltech | Bigfix Platform | 9.0.0 | All | All | All |
| Application | Hcltech | Bigfix Platform | 10.0.2 | All | All | All |