CVE-2025-59870

Summary

HCL MyXalytics  is affected by improper management of a static JWT signing secret in the web application, where the secret lacks rotation , introducing a security risk

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareMyXalytics6.2 < 6.7affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References