CVE-2024-42171

HCL MyXalytics is affected by insufficient session expiration

Description

HCL MyXalytics is affected by a session fixation vulnerability. Cyber-criminals can exploit this by sending crafted URLs with a session token to access the victim's login session.

INFO

Published Date :

2025-01-11T06:31:24.165Z

Last Modified :

2025-01-13T19:26:14.052Z

Source :

HCL

AFFECTED PRODUCTS

The following products are affected by CVE-2024-42171 vulnerability.

Vendors	Products
Hcltech	Dryice Myxalytics

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-42171.

URL	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact