Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control (Controller APIs) affects DRYiCE MyXalytics
Vulnerability Description
HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Controller APIs) vulnerability. Certain API endpoints are accessible to Customer Admin Users that can allow access to sensitive information about other users.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Vulnerability Type
N/A
Vulnerability Title
HCL Technologies DRYiCE MyXalytics 安全漏洞
Vulnerability Description
HCL Technologies DRYiCE MyXalytics是美国HCL Technologies公司的一款统一的报告和仪表板产品。 HCL Technologies DRYiCE MyXalytics 存在安全漏洞,该漏洞源于客户管理员用户可以访问某些 API 端点,从而允许访问有关其他用户的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A