exploitDog

CVE-2024-42169

Опубликовано: 11 янв. 2025

Источник: nvd

CVSS3: 7.1

CVSS3: 8.1

EPSS Низкий

Описание

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data.

Ссылки

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:dryice_myxalytics:6.3:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00113

Низкий

7.1 High

CVSS3

8.1 High

CVSS3

Дефекты

CWE-639

CWE-639

Связанные уязвимости

GHSA-hfwr-76cx-qgg7

CVSS3: 7.1

github

около 1 года назад

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data.

EPSS

Процентиль: 30%

0.00113

Низкий

7.1 High

CVSS3

8.1 High

CVSS3

Дефекты

CWE-639

CWE-639