CVE-2023-50348

LOW

HCL DRYiCE MyXalytics - Information Disclosure via Detailed Error Messages

Title source: llm

Description

HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application returns detailed error messages that can provide an attacker with insight into the application, system, etc.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

Scores

CVSS v3 3.1

EPSS 0.0032

EPSS Percentile 23.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-209

Status published

Products (3)

hcltech/dryice_myxalytics 5.9

hcltech/dryice_myxalytics 6.0

hcltech/dryice_myxalytics 6.1

Published Jan 03, 2024

Tracked Since Feb 18, 2026