CVE-2024-42173

Published Jan 11, 2025

Last updated 2 months ago

CVSS medium 4.8

Overview

Description
HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known.
Source
psirt@hcl.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.8
Impact score
3.6
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
Severity
MEDIUM

Weaknesses

psirt@hcl.com
CWE-521

Social media

Hype score
Not currently trending

  1. CVE-2024-42173 HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess … https://t.co/v9P6KqIIV2

    @CVEnew

    11 Jan 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References