CVE-2024-42178

HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution.

CVSS v3 2.5 LOW

2.5^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120502

Configurations

No configuration.

History

21 Apr 2025, 14:23

Type	Values Removed	Values Added
Summary		(es) HCL MyXalytics se ve afectado por una vulnerabilidad de acceso a URL fallida. Usuarios no autenticados podrían obtener acceso no autorizado a información potencialmente confidencial, lo que crea un riesgo de uso indebido, manipulación o distribución no autorizada.

17 Apr 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-17 22:15

Updated : 2025-04-21 14:23

NVD link : CVE-2024-42178

Mitre link : CVE-2024-42178

CVE.ORG link : CVE-2024-42178

JSON object : View

Products Affected

No product.

CWE

CWE-288

Authentication Bypass Using an Alternate Path or Channel

2.5 /10