HCL MyXalytics Sensitive Information Disclosure Vulnerability

Vulnerability

A vulnerability in HCL MyXalytics allows for the disclosure of sensitive information through the HTTP response header, which reveals the server's name and version as Microsoft-HTTP API/2.0. This issue could potentially be exploited to gather information about the server that could be useful in a broader attack.

Impact

Exposing the server name and version in the HTTP response header can lead to information disclosure, allowing attackers to identify the server software and version, which could be exploited in a targeted attack.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

4.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

4.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HCL MyXalytics Sensitive Information Disclosure Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating