Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-42172

HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens, potentially leading to identity theft and system control. This vulnerability arises from poor configuration, logic errors, or software bugs and can affect any application with access control, including databases, network infrastructure, and web applications.

Published

2025-01-11T07:15:08.743

Last Modified

2025-05-16T13:47:39.180

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-287
Type: Primary
CWE-522

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	hcltech	dryice_myxalytics	6.3	Yes

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149 Vendor Advisory ([email protected])