An information disclosure affects DRYiCE MyXalytics
CVE-2023-50346

3.1LOW

Key Information:

Vendor: HCL Software
Status: DRYiCE MyXalytics
Vendor: CVE Published:; 3 January 2024

Summary

HCL DRYiCE MyXalytics has been identified with an information disclosure issue that affects specific endpoints in the application. This vulnerability allows unauthorized access to detailed file information, potentially exposing sensitive data to malicious actors. It is crucial for users of HCL DRYiCE MyXalytics to be aware of this issue, review their security configurations, and apply recommended patches or mitigations provided by HCL to safeguard their information.

Affected Version(s)

DRYiCE MyXalytics 5.9, 6.0, 6.1

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 3, 2024
Vulnerability Reserved
Dec 7, 2023