Auth bypass in Hcl Software Dryice Myxalytics

CVE-2024-42172

HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens, potentially leading to identity theft and system control. This vulnerability arises from poor configuration, logi…

Vulnerability class: Broken Authentication

EPSS: 0.004 (29.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-42172?
CVE-2024-42172 is a medium-severity vulnerability in Hcl Software Dryice Myxalytics, classified under Improper Authentication. CVSS score: 5.3/10. Published 2025-01-11.
How severe is CVE-2024-42172?
Medium severity. CVSS v3 base score is 5.3 out of 10.