Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal Arbitrary File Read affects DRYiCE MyXalytics
Vulnerability Description
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. Potential exploits can completely disrupt or take over the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
HCL Technologies DRYiCE MyXalytics 安全漏洞
Vulnerability Description
HCL Technologies DRYiCE MyXalytics是美国HCL Technologies公司的一款统一的报告和仪表板产品。 HCL Technologies DRYiCE MyXalytics 存在安全漏洞,该漏洞源于无法正确中和路径名中的特殊元素,这些元素可能导致路径名解析为受限目录之外的位置。
CVSS Information
N/A
Vulnerability Type
N/A