Path Traversal Vulnerability in HCL DRYiCE MyXalytics Allows Unauthorized File Upload

Path Traversal Vulnerability in HCL DRYiCE MyXalytics Allows Unauthorized File Upload

CVE-2023-45723 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

HCL DRYiCE MyXalytics is impacted by path traversal vulnerability which allows file upload capability.  Certain endpoints permit users to manipulate the path (including the file name) where these files are stored on the server.

Learn more about our Cis Benchmark Audit For Server Software.