Vulnerability in Hcl Software Dfxserver
CVE-2026-35148
HCL DFXServer is affected by a Missing Access Control vulnerability. This vulnerability states that certain endpoints are accessible without any form of authentication in another browser. This allows any network user to invoke these APIs a…
CVSS v3 metric
CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L.
Affected products
- Hcl Software Dfxserver — versions version 2.5 and below
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-35148?
- CVE-2026-35148 is a medium-severity vulnerability in Hcl Software Dfxserver, classified under Improper Access Control. CVSS score: 6.3/10. Published 2026-07-16.
- How severe is CVE-2026-35148?
- Medium severity. CVSS v3 base score is 6.3 out of 10.