CVE-2024-42175: HCL MyXalytics is affected by a weak input validation vulnerability

2.6 CVSS

Description

HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts special characters and there is no length validation. This can lead to security vulnerabilities like SQL injection, XSS, and buffer overflow.

Classification

CVE ID: CVE-2024-42175

CVSS Base Severity: LOW

CVSS Base Score: 2.6

Affected Products

Vendor: HCL Software

Product: DRYiCE MyXalytics

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.47% (scored less or equal to compared to others)

EPSS Date: 2025-02-09 (when was this score calculated)

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149

Timeline

2025-01-12 00:30:18 UTC
CVE

HCL MyXalytics is affected by a weak input validation vulnerability