Skip to main content

HCL DFXAnalytics CVE-2026-56454

| EUVDEUVD-2026-44922 MEDIUM
Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
2026-07-16 HCL GHSA-4h8f-jwxw-9996
5.9
CVSS 3.1 · Vendor: HCL
Share

Severity by source

Vendor (HCL) PRIMARY
5.9 MEDIUM
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
vuln.today AI
5.9 MEDIUM

AC:H reflects mandatory MitM network positioning; C:H captures full session decryption potential; I:N and A:N as deprecated TLS affects confidentiality only.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (HCL).

CVSS VectorVendor: HCL

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jul 16, 2026 - 13:48 vuln.today

DescriptionCVE.org

HCL DFXAnalytics is affected by a Deprecated Protocol vulnerability due to the use of TLS 1.0 and TLS 1.1. These legacy protocols contain numerous cryptographic design flaws that expose data to interception and decryption. To remediate this risk, the application must disable all support for TLS 1.0 and TLS 1.1, and exclusively enable support for secure protocols, specifically TLS 1.2 and TLS 1.3.

AnalysisAI

TLS protocol downgrade exposure in HCL DFXAnalytics allows network-positioned attackers to intercept and decrypt sensitive communications by exploiting continued support for deprecated TLS 1.0 and TLS 1.1 protocols. All versions of DFXAnalytics are affected per the wildcard CPE string, with high confidentiality impact and no integrity or availability degradation. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Establish MitM network position
Delivery
Intercept TLS client hello from DFXAnalytics client
Exploit
Force downgrade to TLS 1.0 or 1.1 negotiation
Execution
Exploit CBC cipher weakness (e.g., BEAST padding oracle)
Impact
Decrypt intercepted session data

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to establish a man-in-the-middle network position on the path between a DFXAnalytics client and server - for example, via ARP spoofing on a local segment, a compromised network device, or rogue wireless access point. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 base score of 5.9 (Medium) accurately captures the constrained threat model: AV:N acknowledges network reachability, but AC:H is the controlling factor, requiring the attacker to first achieve a man-in-the-middle position on the network path between a DFXAnalytics client and server. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with a man-in-the-middle network position - achieved via ARP poisoning on a shared LAN, rogue Wi-Fi, or BGP route hijacking - intercepts a TLS handshake between a DFXAnalytics client and server and induces negotiation of TLS 1.0. The attacker then applies a BEAST-style CBC padding oracle attack to decrypt encrypted session content, potentially recovering authentication tokens, query results, or sensitive business data in transit. …
Remediation The primary remediation is to disable TLS 1.0 and TLS 1.1 within HCL DFXAnalytics and enforce exclusive use of TLS 1.2 and TLS 1.3, as directed by HCL's advisory KB0131787 at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0131787. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-56453 MEDIUM
5.5 Jul 16

Account takeover through HTTP response manipulation in HCL DFXAnalytics enables a network-positioned attacker to interce

CVE-2025-31970 MEDIUM
5.3 May 06

HCL DFXAnalytics fails to enforce strict Content-Security-Policy (CSP) directives for object-src and base-uri, enabling

CVE-2026-56456 MEDIUM
5.3 Jul 16

HCL DFXAnalytics exposes internal file system paths and directory structure through unhandled error messages, system log

CVE-2026-56455 MEDIUM
5.3 Jul 16

Stack-based buffer overflow in HCL DFXAnalytics allows remote unauthenticated attackers to crash or render the applicati

CVE-2025-59851 LOW
3.7 May 06

HCL DFXAnalytics contains unpatched third-party libraries with known vulnerabilities that could allow remote attackers w

CVE-2025-59852 LOW
3.7 May 06

HCL DFXAnalytics transmits sensitive data over the network without encryption, allowing network-positioned attackers to

CVE-2025-59854 LOW
3.1 May 06

HCL DFXAnalytics relies on the obsolete X-XSS-Protection security header instead of implementing a modern Content Securi

CVE-2025-59853 LOW
3.1 May 06

HCL DFXAnalytics exposes detailed stack traces in application responses due to improper error handling, allowing authent

CVE-2026-35145 LOW
3.1 Jul 16

Missing HSTS header in HCL DFXAnalytics exposes authenticated sessions to protocol downgrade and man-in-the-middle attac

CVE-2026-35143 LOW
3.0 Jul 16

Cross-Site Request Forgery exposure in HCL DFXAnalytics arises because session cookies generated during authentication a

CVE-2026-35140 LOW
3.0 Jul 16

HCL DFXAnalytics fails to set the 'secure' attribute on session cookies generated during authentication, enabling a netw

CVE-2026-35142 LOW
2.6 Jul 16

Internal IP address exposure in HCL DFXAnalytics allows remote attackers who have obtained high-privilege authenticated

Share

CVE-2026-56454 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy