Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
AC:H because successful interception requires a privileged MITM network position; I:N and A:N as passive channel interception does not directly affect integrity or availability.
Primary rating from Vendor (HCL).
CVSS VectorVendor: HCL
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionCVE.org
HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user and the application.
AnalysisAI
HCL DFXServer permits client connections over plaintext HTTP, exposing all transmitted data to interception by any attacker with a man-in-the-middle position on the network path. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) confirms remote exploitation without authentication, contingent on a user initiating an HTTP session. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the application to be accessed via HTTP rather than HTTPS - the plaintext channel must be reachable and in use. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor-assigned CVSS score of 6.3 (Medium) reflects a meaningful but bounded risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker on the same network segment as a DFXServer user - via ARP spoofing, a rogue Wi-Fi access point, or a compromised network device - intercepts HTTP traffic in transit, capturing session tokens, credentials, or sensitive application data in plaintext. No public exploit code exists, but standard MITM tools (e.g., mitmproxy, Wireshark) would suffice to execute this attack with minimal technical sophistication once network positioning is achieved. |
| Remediation | The primary remediation is to enforce TLS (HTTPS) for all client-to-server communication and disable or redirect plaintext HTTP connections at the application or reverse-proxy layer. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Authentication bypass in HCL DFXServer allows remote unauthenticated attackers to reach specific API endpoints directly
Authentication bypass in HCL DFXServer lets an unauthenticated remote attacker intercept and tamper with the server's au
Unauthenticated API access in HCL DFXServer exposes application endpoints to any network-reachable user without identity
Same weakness CWE-326 – Inadequate Encryption Strength
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44905
GHSA-g8m2-fxgf-6pqg