CVE-2023-50351

Опубликовано: 03 янв. 2024

Источник: nvd

CVSS3: 8.2

CVSS3: 9.1

EPSS Низкий

Описание

HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can allow an attacker to compromise the confidentiality or integrity of data.

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*

cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*

cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00039

Низкий

8.2 High

CVSS3

9.1 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-327

Связанные уязвимости

GHSA-9pcm-vcwm-27fr

CVSS3: 8.2

github

около 2 лет назад

HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can allow an attacker to compromise the confidentiality or integrity of data.

EPSS

Процентиль: 11%

0.00039

Низкий

8.2 High

CVSS3

9.1 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-327