CVE-2024-42181

HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. The application transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

CVSS v3 1.6 LOW

1.6^/10

CVSS v3 : LOW

Vector :

Exploitability : 0.2 / Impact : 1.4

Attack Vector PHYSICAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hcltech:dryice_myxalytics:6.3:*:*:*:*:*:*:*

History

16 May 2025, 13:45

Type	Values Removed	Values Added
First Time		Hcltech Hcltech dryice Myxalytics
Summary		(es) HCL MyXalytics se ve afectada por una vulnerabilidad de transmisión de información confidencial en texto plano. La aplicación transmite datos confidenciales o críticos para la seguridad en texto plano en un canal de comunicación que puede ser interceptado por actores no autorizados.
References	~~() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149 -~~	() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149 - Vendor Advisory
CPE		cpe:2.3:a:hcltech:dryice_myxalytics:6.3:::::::*

12 Jan 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-12 22:15

Updated : 2025-05-16 13:45

NVD link : CVE-2024-42181

Mitre link : CVE-2024-42181

CVE.ORG link : CVE-2024-42181

JSON object : View

Products Affected

hcltech

dryice_myxalytics

CWE

CWE-319

Cleartext Transmission of Sensitive Information

{"id": "CVE-2024-42181", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 1.6, "attackVector": "PHYSICAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 0.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-01-12T22:15:07.120", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-319"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-319"}]}], "descriptions": [{"lang": "en", "value": "HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. The application transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors."}, {"lang": "es", "value": "HCL MyXalytics se ve afectada por una vulnerabilidad de transmisi\u00f3n de informaci\u00f3n confidencial en texto plano. La aplicaci\u00f3n transmite datos confidenciales o cr\u00edticos para la seguridad en texto plano en un canal de comunicaci\u00f3n que puede ser interceptado por actores no autorizados."}], "lastModified": "2025-05-16T13:45:05.007", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C92689D-384F-41F5-9E28-517A968FAD9E"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}