CVE-2024-42177

MEDIUM Year: 2024
CVSS v3 Score
6.4
Medium
Weakness Type
CWE-326
View all →

Vulnerability Description

HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities. Attackers can exploit the weakness in the ciphers to intercept and decrypt encrypted data, steal sensitive information, or inject malicious code into the system.

Related Vulnerabilities

CVE-2024-21787

HIGH
CVSS:6.4(Medium)

Inadequate encryption strength for some BMRA software before version 22.08 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-3262024

CVE-2015-5361

MEDIUM
CVSS:6.5(Medium)

Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific...

CWE-3262015

CVE-2016-3019

MEDIUM
CVSS:6.5(Medium)

IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462.

CWE-3262016

CVE-2017-3971

MEDIUM
CVSS:6.5(Medium)

Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyph...

CWE-3262017

CVE-2017-9645

MEDIUM
CVSS:6.5(Medium)

An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000 Transmitter Module, iPam Transmitter f/DMC 2000, RDS-31 iTX and variants (including RSD31-AM Package), DRM-1/2 an...

CWE-3262017

CVE-2018-5461

MEDIUM
CVSS:6.5(Medium)

An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An inadequate encryption strength vuln...

CWE-3262018