CVE-2024-42181

Description

HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. The application transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

CVSS breakdown

CVSS 3.1

Attack Vector

Physical

Attack Complexity

High

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Affected products

HCL Software / DRYiCE MyXalytics6.3 – 6.3

References

MISChttps://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149