CVE-2024-42168

Summary

HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web server that returns malicious content, and then induce the application to retrieve and process that content.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareDRYiCE MyXalytics6.3affected

Weaknesses

  • CWE-610: CWE-610 Externally Controlled Reference to a Resource in Another Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References