A broken cryptographic algorithm impacts MyXalytics
CVE-2023-50350

8.2HIGH

Key Information:

Vendor: HCL Software
Status: DRYiCE MyXalytics
Vendor: CVE Published:; 3 January 2024

Summary

HCL DRYiCE MyXalytics exhibits a vulnerability due to the implementation of a broken cryptographic algorithm. This flaw could potentially allow attackers to decrypt sensitive information, which poses a significant risk to data confidentiality. Organizations utilizing this product should assess their exposure and take necessary actions to mitigate the risk associated with this vulnerability.

Affected Version(s)

DRYiCE MyXalytics 5.9, 6.0, 6.1

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 3, 2024
Vulnerability Reserved
Dec 7, 2023