CVE-2023-50345

HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker to redirect users to malicious sites, potentially leading to phishing attacks or other security threats.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608	Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:hcltech:dryice_myxalytics:5.9:::::::*
	cpe:2.3:a:hcltech:dryice_myxalytics:6.0:::::::*
	cpe:2.3:a:hcltech:dryice_myxalytics:6.1:::::::*

History

21 Nov 2024, 08:36

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~6.1~~	v2 : unknown v3 : 3.7
References	~~() https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608 - Vendor Advisory~~	() https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608 - Vendor Advisory

09 Jan 2024, 19:50

Type	Values Removed	Values Added
References	~~() https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608 -~~	() https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608 - Vendor Advisory
CPE		cpe:2.3:a:hcltech:dryice_myxalytics:6.1:::::::* cpe:2.3:a:hcltech:dryice_myxalytics:5.9:::::::* cpe:2.3:a:hcltech:dryice_myxalytics:6.0:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.1
First Time		Hcltech dryice Myxalytics Hcltech
CWE		CWE-601

03 Jan 2024, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-03 02:15

Updated : 2024-11-21 08:36

NVD link : CVE-2023-50345

Mitre link : CVE-2023-50345

CVE.ORG link : CVE-2023-50345

JSON object : View

Products Affected

hcltech

dryice_myxalytics

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

{"id": "CVE-2023-50345", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2024-01-03T02:15:43.757", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}, {"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker to redirect users to malicious sites, potentially leading to phishing attacks or other security threats.\n"}, {"lang": "es", "value": "HCL DRYiCE MyXalytics se ve afectado por una vulnerabilidad de Open Redirect que podr\u00eda permitir a un atacante redirigir a los usuarios a sitios maliciosos, lo que podr\u00eda provocar ataques de phishing u otras amenazas a la seguridad."}], "lastModified": "2024-11-21T08:36:52.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D13FF107-A7BD-4925-B5A2-B44983C3713B"}, {"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F872BB54-B3D7-4C48-A8AB-893B566380E6"}, {"criteria": "cpe:2.3:a:hcltech:dryice_myxalytics:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF8533C9-FB63-45EE-8FD4-5C69CB19F362"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}