Vulnerabilities > CVE-2023-50347 - Unspecified vulnerability in Hcltech Dryice Myxalytics

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

hcltech

critical

NVD

Published: 2024-04-10

Updated: 2025-05-08

Summary

HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnerability, potentially giving an attacker the ability to execute custom SQL queries. A malicious user can run arbitrary SQL commands including changing system configuration.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Dryice Myxalytics 6.1 Hcltech Dryice Myxalytics 5.9 Hcltech Dryice Myxalytics 6.0 Hcltech Dryice Myxalytics 6.2	4

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112318
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112318