HIGH🇬🇧 English

CVE-2024-42169

CVSS 7.1v3.1pub. 2025-01-11upd. 2025-05-16

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
  • Hcltech Dryice Myxalytics

    APP
    Hcltech
    6.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
IDOR
CWE
Referencje

Powiązane podatności

CVE-2025-52656HIGH7.6ten sam produkt

HCL MyXalytics: 6.6.  is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is ...

CVE-2025-52653HIGH7.6ten sam produkt

HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allo...

CVE-2024-42168HIGH8.9ten sam produkt

HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web se...

CVE-2023-45724HIGH8.2ten sam produkt

HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application pe...

CVE-2023-50342HIGH7.1ten sam produkt

HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A user can obt...