CVE-2024-42176

CVSS 3.1 Score 2.6 of 10 (low)

Details

Published Mar 19, 2025

CWE ID 307

Summary

CVE-2024-42176 refers to a concurrent login vulnerability affecting HCL MyXalytics. This issue arises when the system permits multiple active sessions with the same credentials, increasing the risk of unauthorized access to user accounts or sensitive information. An attacker could potentially exploit this vulnerability by logging into a user's account concurrently, bypassing security measures and gaining unauthorized access. Users are encouraged to implement multi-factor authentication and closely monitor their accounts for unauthorized activity. HCL is advised to release a patch as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xU0yE3
https://www.cve.org/CVERecord?id=CVE-2024-42176
https://nvd.nist.gov/vuln/detail/CVE-2024-42176

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-42176

CVSS 3.1 Score 2.6 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations