CVE-2024-42172

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Jan 11, 2025

CWE ID 287

Summary

CVE-2024-42172 is a broken authentication vulnerability affecting HCL MyXalytics. This issue grants attackers unauthorized access to keys, passwords, and session tokens, increasing the risk of identity theft and system control. The vulnerability originates from configuration errors, logic flaws, or software bugs and poses a significant threat to various applications, including databases, network infrastructure, and web apps. Successful exploitation allows attackers to bypass authentication processes, potentially leading to severe data breaches and unauthorized access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

DRYiCE MyXalytics

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xUze49
https://www.cve.org/CVERecord?id=CVE-2024-42172
https://nvd.nist.gov/vuln/detail/CVE-2024-42172

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Predator Still Active, with New Client and Corporate Links Identified

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

Know What Matters

For Customers

For Partners

CVE-2024-42172

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations