HCL Connections contains a user enumeration vulnerability. Certain actions could allow an malicious user to determine if the user is valid or not, leading to a possible brute force attack.