CVE-2024-42177 LOW

CVE-2024-42177: HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities

Vendor Hcl Software
Product HCL MyXalytics
Weakness CWE-326 · Weak encryption
Published April 17, 2025
Last update April 17, 2025

CVSS base score

2.6/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Attackers can exploit the weakness in the ciphers to intercept and decrypt encrypted data, steal sensitive information, or inject malicious code into the system.

Key dates

02Disclosure timeline

April 17, 2025 CVE published
April 17, 2025 Record updated