Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-03 | CVE-2023-50344 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by improper access control (Unauthenticated File Download) vulnerability. | 5.4 |
| 2024-01-03 | CVE-2023-50345 | Open Redirect vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker to redirect users to malicious sites, potentially leading to phishing attacks or other security threats. | 6.1 |
| 2024-01-03 | CVE-2023-50346 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. | 4.3 |
| 2024-01-03 | CVE-2023-50348 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. | 5.3 |
| 2024-01-03 | CVE-2023-50350 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information. | 7.5 |
| 2024-01-03 | CVE-2023-50351 | Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1 HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can allow an attacker to compromise the confidentiality or integrity of data. | 9.1 |
| 2023-12-21 | CVE-2023-37520 | Cross-site Scripting vulnerability in Hcltech Bigfix Platform Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. | 6.1 |
| 2023-12-21 | CVE-2023-37519 | Cross-site Scripting vulnerability in Hcltech Bigfix Platform Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. | 6.1 |
| 2023-12-21 | CVE-2023-28025 | Cross-site Scripting vulnerability in Hcltech Bigfix Modern Client Management 2.0/2.1 Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. | 4.8 |
| 2023-12-15 | CVE-2023-28022 | Unspecified vulnerability in Hcltech Connections HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data. | 6.5 |