HIGH🇬🇧 English

CVE-2024-42168

CVSS 8.9v3.1pub. 2025-01-11upd. 2025-05-16

HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web server that returns malicious content, and then induce the application to retrieve and process that content.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
  • Hcltech Dryice Myxalytics

    APP
    Hcltech
    6.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-52656HIGH7.6ten sam produkt

HCL MyXalytics: 6.6.  is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is ...

CVE-2025-52653HIGH7.6ten sam produkt

HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allo...

CVE-2024-42169HIGH7.1ten sam produkt

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control chec...

CVE-2023-45724HIGH8.2ten sam produkt

HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application pe...

CVE-2023-50342HIGH7.1ten sam produkt

HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A user can obt...