CVE-2021-27758

Summary

There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL BigFix Inventory9.xaffected
HCL SoftwareHCL BigFix Inventory10.xaffected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References