Lucene search

[email protected]NVD:CVE-2023-50348

HistoryJan 03, 2024 - 2:15 a.m.

CVE-2023-50348

2024-01-0302:15:44

[email protected]

web.nvd.nist.gov

cve-2023-50348

hcl dryice myxalytics

improper error handling

detailed error messages

application security

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application returns detailed error messages that can provide an attacker with insight into the application, system, etc.

Affected configurations

Nvd

Node

hcltechdryice_myxalyticsMatch5.9

hcltechdryice_myxalyticsMatch6.0

hcltechdryice_myxalyticsMatch6.1

VendorProductVersionCPE
hcltechdryice_myxalytics5.9cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*
hcltechdryice_myxalytics6.0cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*
hcltechdryice_myxalytics6.1cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hcltech	dryice_myxalytics	5.9	cpe:2.3:a:hcltech:dryice_myxalytics:5.9:::::::*
hcltech	dryice_myxalytics	6.0	cpe:2.3:a:hcltech:dryice_myxalytics:6.0:::::::*
hcltech	dryice_myxalytics	6.1	cpe:2.3:a:hcltech:dryice_myxalytics:6.1:::::::*

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

AI Score

4.4

Confidence

High

EPSS

0.001

Percentile

17.0%

JSON

Related for NVD:CVE-2023-50348

cvelist1 cve1 prion1