Skip to main content

HCL DFXServer CVE-2026-35146

| EUVDEUVD-2026-44905 MEDIUM
Inadequate Encryption Strength (CWE-326)
2026-07-16 HCL GHSA-g8m2-fxgf-6pqg
6.3
CVSS 3.1 · Vendor: HCL
Share

Severity by source

Vendor (HCL) PRIMARY
6.3 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
vuln.today AI
3.1 LOW

AC:H because successful interception requires a privileged MITM network position; I:N and A:N as passive channel interception does not directly affect integrity or availability.

3.1 AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
4.0 AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (HCL).

CVSS VectorVendor: HCL

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jul 16, 2026 - 12:07 vuln.today

DescriptionCVE.org

HCL DFXServer is affected by an Unencrypted Communication vulnerability. The application permits users to establish connections over unencrypted channels via the HTTP protocol, which could allow a remote attacker to intercept network traffic and expose sensitive data transmitted between the user and the application.

AnalysisAI

HCL DFXServer permits client connections over plaintext HTTP, exposing all transmitted data to interception by any attacker with a man-in-the-middle position on the network path. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) confirms remote exploitation without authentication, contingent on a user initiating an HTTP session. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Achieve MITM network position
Exploit
User initiates HTTP session to DFXServer
Execution
Intercept plaintext HTTP traffic
Impact
Extract credentials or sensitive session data

Vulnerability AssessmentAI

Exploitation Exploitation requires the application to be accessed via HTTP rather than HTTPS - the plaintext channel must be reachable and in use. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor-assigned CVSS score of 6.3 (Medium) reflects a meaningful but bounded risk. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker on the same network segment as a DFXServer user - via ARP spoofing, a rogue Wi-Fi access point, or a compromised network device - intercepts HTTP traffic in transit, capturing session tokens, credentials, or sensitive application data in plaintext. No public exploit code exists, but standard MITM tools (e.g., mitmproxy, Wireshark) would suffice to execute this attack with minimal technical sophistication once network positioning is achieved.
Remediation The primary remediation is to enforce TLS (HTTPS) for all client-to-server communication and disable or redirect plaintext HTTP connections at the application or reverse-proxy layer. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-35146 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy