CVE-2024-42179: HCL MyXalytics is affected by sensitive information disclosure vulnerability

2.0 CVSS

Description

HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0 as the server's name & version.

Classification

CVE ID: CVE-2024-42179

CVSS Base Severity: LOW

CVSS Base Score: 2.0

Affected Products

Vendor: HCL Software

Product: DRYiCE MyXalytics

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.46% (scored less or equal to compared to others)

EPSS Date: 2025-02-10 (when was this score calculated)

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149

Timeline

2025-01-13 00:30:18 UTC
CVE

HCL MyXalytics is affected by sensitive information disclosure vulnerability