Vulnerabilities > CVE-2024-42169 - Authorization Bypass Through User-Controlled Key vulnerability in Hcltech Dryice Myxalytics 6.3

CVSS 8.1 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

hcltech

CWE-639

NVD

Published: 2025-01-11

Updated: 2025-05-16

Summary

HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Dryice Myxalytics 6.3	1

Common Weakness Enumeration (CWE)

CWE-639 - Authorization Bypass Through User-Controlled Key

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149