CVE-2025-52656
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-03
Last updated on: 2025-10-08
Assigner: HCL Software
Description
Description
HCL MyXalytics: 6.6.Β Β is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hcltech | dryice_myxalytics | 6.6 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-915 | The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Mass Assignment issue in HCL MyXalytics 6.6. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, which can allow unauthorized users to modify sensitive fields within the application.
How can this vulnerability impact me? :
The vulnerability can allow attackers to modify sensitive data or application fields without authorization, potentially leading to data integrity issues, unauthorized changes, and limited availability impact.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70