Unencrypted Communication Vulnerability in HCL DFXServer
CVE-2026-35146

6.3MEDIUM

Key Information:

Status
Vendor
CVE Published:
16 July 2026

What is CVE-2026-35146?

HCL DFXServer is susceptible to a vulnerability that allows users to connect via unencrypted channels over the HTTP protocol. This flaw enables remote attackers to intercept network traffic, potentially compromising sensitive information exchanged between the user and the application. Organizations using HCL DFXServer must ensure secure communication channels to protect their data from unauthorized access.

Affected Version(s)

DFXServer version 2.5 and below

References

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.