Hcltech Dryice Myxalytics — known CVE vulnerabilities
Every CVE whose affected-product data names Hcltech Dryice Myxalytics, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2024-42168 — CVSS 8.9 (high): HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web server that returns malicious…
CVE-2023-45722 — CVSS 8.8 (high): HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a…
CVE-2023-50343 — CVSS 8.3 (high): HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Controller APIs) vulnerability. Certain API endpoints are accessible to…
CVE-2023-50351 — CVSS 8.2 (high): HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can allow an attacker to compromise the…
CVE-2023-45724 — CVSS 8.2 (high): HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application permits the upload of a certain…
CVE-2023-50350 — CVSS 8.2 (high): HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to…
CVE-2025-52656 — CVSS 7.6 (high): HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to…
CVE-2025-52653 — CVSS 7.6 (high): HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of…
CVE-2023-50341 — CVSS 7.6 (high): HCL DRYiCE MyXalytics is impacted by Improper Access Control (Obsolete web pages) vulnerability. Discovery of outdated and accessible web…
CVE-2023-45723 — CVSS 7.6 (high): HCL DRYiCE MyXalytics is impacted by path traversal vulnerability which allows file upload capability. Certain endpoints permit users to…
CVE-2024-42169 — CVSS 7.1 (high): HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify…
CVE-2023-50342 — CVSS 7.1 (high): HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability. A user can obtain certain details about…
CVE-2024-42170 — CVSS 6.8 (medium): HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session…
CVE-2024-42171 — CVSS 6.4 (medium): HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session…
CVE-2023-50344 — CVSS 5.4 (medium): HCL DRYiCE MyXalytics is impacted by improper access control (Unauthenticated File Download) vulnerability. An unauthenticated user can…
CVE-2024-42172 — CVSS 5.3 (medium): HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens, potentially…
CVE-2024-42173 — CVSS 4.8 (medium): HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies…
CVE-2025-52654 — CVSS 4.6 (medium): HCL MyXalytics v6.6 is affected by an HTML Injection. This issue occurs when untrusted input is included in the output without proper…
CVE-2023-50347 — CVSS 3.7 (low): HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnerability, potentially giving an attacker the ability to execute custom…
CVE-2024-42174 — CVSS 3.7 (low): HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of application users…
CVE-2023-50345 — CVSS 3.7 (low): HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker to redirect users to malicious sites…
CVE-2025-52658 — CVSS 3.5 (low): HCL MyXalytics is affected by the use of vulnerable/outdated versions which can expose the application to known security risks that could…
CVE-2023-50348 — CVSS 3.1 (low): HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application returns detailed error messages that can…
CVE-2023-50346 — CVSS 3.1 (low): HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints within the application disclose detailed…
CVE-2024-42177 — CVSS 2.6 (low): HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Attackers can exploit the weakness in the…
CVE-2024-42175 — CVSS 2.6 (low): HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts special characters and there is no length…
CVE-2024-42176 — CVSS 2.6 (low): HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability occurs when simultaneous active sessions are…
CVE-2024-42178 — CVSS 2.5 (low): HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to…
CVE-2024-42179 — CVSS 2.0 (low): HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0…
CVE-2024-42181 — CVSS 1.6 (low): HCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerability. The application transmits sensitive or…
CVE-2024-42180 — CVSS 1.6 (low): HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect…