Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-03 | CVE-2023-50342 | Authorization Bypass Through User-Controlled Key vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability. | 4.3 |
| 2024-01-03 | CVE-2023-50343 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Controller APIs) vulnerability. | 6.5 |
| 2024-01-03 | CVE-2023-50344 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by improper access control (Unauthenticated File Download) vulnerability. | 5.4 |
| 2024-01-03 | CVE-2023-50345 | Open Redirect vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker to redirect users to malicious sites, potentially leading to phishing attacks or other security threats. | 6.1 |
| 2024-01-03 | CVE-2023-50346 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. | 4.3 |
| 2024-01-03 | CVE-2023-50348 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. | 5.3 |
| 2024-01-03 | CVE-2023-50350 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information. | 7.5 |
| 2024-01-03 | CVE-2023-50351 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can allow an attacker to compromise the confidentiality or integrity of data. | 9.1 |
| 2023-12-21 | CVE-2023-37520 | Cross-site Scripting vulnerability in Hcltech Bigfix Platform Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. | 6.1 |
| 2023-12-21 | CVE-2023-37519 | Cross-site Scripting vulnerability in Hcltech Bigfix Platform Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. | 6.1 |