HCL MyXalytics Improper Password Policy Vulnerability Allowing Brute-Force Attacks

Vulnerability

A vulnerability exists in HCL MyXalytics due to improper implementation of password policies. The absence of strong password requirements and account lockout mechanisms enables attackers to guess or brute-force passwords, provided they know the username.

Impact

Exploitation of this vulnerability could lead to unauthorized access through successful password guessing or brute-forcing, potentially allowing attackers to gain control over user accounts.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HCL MyXalytics Improper Password Policy Vulnerability Allowing Brute-Force Attacks

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating