CVE-2024-42173

HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known...

PT-2022-12298 · Velneo · Velneo Vclient

Name of the Vulnerable Software and Affected Versions: Velneo vClient version 28.1.3 Description: The issue allows an attacker with knowledge of the victim's username and hashed password to spoof the victim's id against the server. Recommendations: For Velneo vClient version 28.1.3, consider...