CVE-2021-27766

The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerability fixed.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*

History

16 May 2022, 17:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 4.6
v3 : 7.8
References (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0024/MNDT-2022-0024.md - (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0024/MNDT-2022-0024.md - Third Party Advisory
References (CONFIRM) https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0098116 - (CONFIRM) https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0098116 - Vendor Advisory
CPE cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*
CWE CWE-269

12 May 2022, 15:15

Type Values Removed Values Added
References
  • (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0024/MNDT-2022-0024.md -

06 May 2022, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-05-06 18:15

Updated : 2024-02-04 22:29


NVD link : CVE-2021-27766

Mitre link : CVE-2021-27766

CVE.ORG link : CVE-2021-27766


JSON object : View

Products Affected

hcltech

  • bigfix_platform
CWE
CWE-269

Improper Privilege Management