Severity by source
AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N
High privilege and explicit user interaction required to trigger disclosure; confidentiality rated Low for IP address leakage; no integrity or availability impact applies to this information-only disclosure.
Primary rating from Vendor (HCL).
CVSS VectorVendor: HCL
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
HCL DFXAnalytics is affected by an Internal IP Address Disclosure vulnerability. The application includes internal IP address details within its generated server responses, which could allow a remote attacker to gather sensitive network topology information and use it to map the internal infrastructure for further targeted attacks.
AnalysisAI
Internal IP address exposure in HCL DFXAnalytics allows remote attackers who have obtained high-privilege authenticated access to harvest internal network topology details from generated server responses. The application embeds private IP addresses directly in its output, violating the CWE-200 information boundary and enabling attackers to map internal infrastructure for follow-on targeted attacks. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated session with high-privilege access to HCL DFXAnalytics (PR:H per the CVSS vector), high attack complexity (AC:H), and user interaction (UI:R), meaning passive credential theft alone is insufficient - the attacker must actively perform privileged application actions that generate the vulnerable responses. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N) yields a base score of 2.6, firmly in the Low range. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has compromised high-privilege credentials to HCL DFXAnalytics - either through phishing, credential stuffing, or insider access - triggers specific application actions that generate server responses containing embedded internal IP addresses. The attacker systematically records these addresses across multiple responses to enumerate internal subnets and application server clusters, then uses this topology map to identify and target internal hosts that would otherwise require active network scanning to discover. |
| Remediation | Consult the HCL Software knowledge base article KB0131787 at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0131787 for vendor-specific patching or configuration guidance; a confirmed fixed version number is not available from current data sources. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Dfxanalytics
View allTLS protocol downgrade exposure in HCL DFXAnalytics allows network-positioned attackers to intercept and decrypt sensiti
Account takeover through HTTP response manipulation in HCL DFXAnalytics enables a network-positioned attacker to interce
HCL DFXAnalytics fails to enforce strict Content-Security-Policy (CSP) directives for object-src and base-uri, enabling
HCL DFXAnalytics exposes internal file system paths and directory structure through unhandled error messages, system log
Stack-based buffer overflow in HCL DFXAnalytics allows remote unauthenticated attackers to crash or render the applicati
HCL DFXAnalytics contains unpatched third-party libraries with known vulnerabilities that could allow remote attackers w
HCL DFXAnalytics transmits sensitive data over the network without encryption, allowing network-positioned attackers to
HCL DFXAnalytics relies on the obsolete X-XSS-Protection security header instead of implementing a modern Content Securi
HCL DFXAnalytics exposes detailed stack traces in application responses due to improper error handling, allowing authent
Missing HSTS header in HCL DFXAnalytics exposes authenticated sessions to protocol downgrade and man-in-the-middle attac
Cross-Site Request Forgery exposure in HCL DFXAnalytics arises because session cookies generated during authentication a
HCL DFXAnalytics fails to set the 'secure' attribute on session cookies generated during authentication, enabling a netw
Same weakness CWE-200 – Information Exposure
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44918
GHSA-xxvx-4jh7-w294