18 matches found
CVE-2025-59854
HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit browser-specific rendering flaws or bypass security controls that should instead be managed by a...
CVE-2025-59853
HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations...
EUVD-2025-209661
HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the...
CVE-2025-59854
HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit browser-specific rendering flaws or bypass security controls that should instead be managed by a...
CVE-2025-59854 HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability
HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit browser-specific rendering flaws or bypass security controls that should instead be managed by a...
CVE-2025-59854
CVE-2025-59854 affects HCL DFXAnalytics and is caused by an insecure security header configuration: use of the outdated X-XSS-Protection header. This could allow a browser-specific rendering bypass or interfere with security controls that should be enforced by a robust Content Security Policy (CS...
CVE-2025-59853
Technical details (affected software/versions/root cause/impact) are not publicly provided in the supplied documents; monitor for updates from vendors and authorities.
CVE-2025-59852 HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...
CVE-2025-59852 HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...
CVE-2025-59852
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...
CVE-2025-59851 HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability
HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the...
CVE-2025-59851
HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the...
CVE-2025-59851
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2025-31970
CVE-2025-31970 affects HCL DFXAnalytics. The issue is an Insecure Security Header configuration: Content-Security-Policy lacks strict directives for object-src and base-uri, enabling potential injection vectors such as XSS. Metrics show CVSS v3.1 base score 5.3 (Medium) with NETWORK attack vector...
PT-2026-37440
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...
PT-2026-37442
HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit browser-specific rendering flaws or bypass security controls that should instead be managed by a...
HCL DFXAnalytics 安全漏洞
HCL DFXAnalytics is a software delivery and operations analytics platform developed by the Indian company HCL. HCL DFXAnalytics has a security vulnerability, which stems from insufficient transport layer protection. Data is transmitted over the network without encryption, allowing attackers to...
HCL DFXAnalytics 跨站脚本漏洞
HCL DFXAnalytics is a software delivery and operations analytics platform developed by the Indian company HCL. HCL DFXAnalytics has a cross-site scripting vulnerability, which stems from insecure Security Header configurations. The application uses outdated X-XSS-Protection headers. Attackers may...