Mass Assignment Vulnerability in HCL MyXalytics Software
CVE-2025-52656

7.6HIGH

Key Information:

Vendor: HCL Software
Status: HCL Software Myxalytics
Vendor: CVE Published:; 3 October 2025

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-52656?

HCL MyXalytics 6.6 is susceptible to a vulnerability that allows mass assignment, which can lead to unauthorized modification of sensitive application fields. This security issue arises when user inputs are directly matched to application objects without sufficient validation and access control measures, posing a risk to data integrity and user privacy.

Affected Version(s)

HCL MyXalytics 6.6

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 3, 2025
Vulnerability Reserved
Jun 18, 2025

JSON