CVE-2024-42180

Published Jan 12, 2025

Last updated a month ago

CVSS low 1.6

Overview

Description
HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special characters, allowing attackers to upload and execute malicious files.
Source
psirt@hcl.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
1.6
Impact score
1.4
Exploitability score
0.1
Vector string
CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N
Severity
LOW

Weaknesses

psirt@hcl.com
CWE-434

Social media

Hype score
Not currently trending

  1. CVE-2024-42180 HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensio… https://t.co/0kABiByVN5

    @CVEnew

    12 Jan 2025

    558 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References