Lucene search
HCLCVE-2023-45724HistoryJan 03, 2024 - 3:15 a.m.
CVE-2023-45724
2024-01-0303:15:09
CWE-434
HCL
web.nvd.nist.gov
20
hcl
dryice
myxalytics
unauthenticated file upload
vulnerability
cve-2023-45724
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.001
Percentile
39.1%
HCL DRYiCE MyXalytics product is impacted by unauthenticated file upload vulnerability. The web application permits the upload of a certain file without requiring user authentication.
Affected configurations
Node
hcltechdryice_myxalyticsMatch5.9
ORhcltechdryice_myxalyticsMatch6.0
ORhcltechdryice_myxalyticsMatch6.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hcltech | dryice_myxalytics | 5.9 | cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:* |
| hcltech | dryice_myxalytics | 6.0 | cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:* |
| hcltech | dryice_myxalytics | 6.1 | cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "DRYiCE MyXalytics",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "5.9, 6.0, 6.1"
}
]
}
]Related
cvelist
cvelist
CVE-2023-45724 Unauthenticated File Upload affects DRYiCE MyXalytics
2024-01-03 02:53:23
prion
prion
Unrestricted file upload
2024-01-03 03:15:00
nvd
nvd
CVE-2023-45724
2024-01-03 03:15:09
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.001
Percentile
39.1%
Related for CVE-2023-45724