CVE-2023-50344

HCL DRYiCE MyXalytics is impacted by improper access control (Unauthenticated File Download) vulnerability. An unauthenticated user can download certain files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
HCLCNA
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
hcltechdryice_myxalytics
5.9
hcltechdryice_myxalytics
6.0
hcltechdryice_myxalytics
6.1
𝑥
= Vulnerable software versions
References
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608