Description
HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the application.
Published: 2026-05-06
Score: 3.7 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a "Using Components with Known Vulnerabilities" flaw in HCL DFXAnalytics. The application embeds third‑party libraries or sub‑components that have not been patched. An attacker who can identify these publicly known security issues may be able to exploit them to gain unauthorized access or compromise the application, potentially leading to data exfiltration or further lateral movement.

Affected Systems

HCL DFXAnalytics is the affected product. No specific version information is listed, indicating that any release built with unpatched libraries may be susceptible.

Risk and Exploitability

The CVSS score of 3.7 places the vulnerability in the moderate risk range. The EPSS score is not available, making it difficult to gauge current exploitation likelihood. The vulnerability is not listed in CISA’s KEV catalog, but the presence of known component weaknesses means that a determined adversary could exploit the flaw if the vulnerable library is accessible. The primary weakness is reflected by CWE‑1395, suggesting that the issue arises from improper handling of configuration or validation of third‑party components.

Generated by OpenCVE AI on May 6, 2026 at 11:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade HCL DFXAnalytics to the latest release that resolves the component vulnerability.
  • Replace or update all referenced third‑party libraries to the latest patched versions.
  • Run a vulnerability assessment to confirm that all dependencies are free of known exploits.

Generated by OpenCVE AI on May 6, 2026 at 11:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 06 May 2026 10:45:00 +0000

Type Values Removed Values Added
Description HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the application.
Title HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability
Weaknesses CWE-1395
References
Metrics cvssV3_1

{'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published:

Updated: 2026-05-06T10:24:54.696Z

Reserved: 2025-09-22T14:59:58.052Z

Link: CVE-2025-59851

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-06T11:16:04.440

Modified: 2026-05-06T11:16:04.440

Link: CVE-2025-59851

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-06T11:30:26Z

Weaknesses