CVE-2024-42175

LOW

HCL MyXalytics - Improper Input Validation

Title source: llm

Description

HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts special characters and there is no length validation. This can lead to security vulnerabilities like SQL injection, XSS, and buffer overflow.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149

Scores

CVSS v3 2.6

EPSS 0.0018

EPSS Percentile 39.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-20

Status published

Products (1)

hcltech/dryice_myxalytics 6.3

Published Jan 11, 2025

Tracked Since Feb 18, 2026