HIGH🇵🇱 Wersja polska

CVE-2024-42169

CVSS 7.1v3.1pub. 2025-01-11upd. 2025-05-16

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
  • Hcltech Dryice Myxalytics

    APP
    Hcltech
    6.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
IDOR
CWE
References

Related vulnerabilities

CVE-2025-52656HIGH7.6ten sam produkt

HCL MyXalytics: 6.6.  is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is ...

CVE-2025-52653HIGH7.6ten sam produkt

HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allo...

CVE-2024-42168HIGH8.9ten sam produkt

HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web se...

CVE-2023-45724HIGH8.2ten sam produkt

HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application pe...

CVE-2023-50342HIGH7.1ten sam produkt

HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability.  A user can obt...