HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known.
History

Sat, 11 Jan 2025 07:00:00 +0000

Type Values Removed Values Added
Description HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known.
Title HCL MyXalytics is affected by an improper password policy implementation vulnerability
Weaknesses CWE-521
References
Metrics cvssV3_1

{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published: 2025-01-11T06:54:33.550Z

Updated: 2025-01-11T06:54:33.550Z

Reserved: 2024-07-29T21:32:01.610Z

Link: CVE-2024-42173

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2025-01-11T07:15:08.927

Modified: 2025-01-11T07:15:08.927

Link: CVE-2024-42173

cve-icon Redhat

No data.