Skip to main content

HCL DFXAnalytics EUVDEUVD-2026-44916

| CVE-2026-35140 LOW
Information Exposure (CWE-200)
2026-07-16 HCL GHSA-c2j4-gprf-37xq
3.0
CVSS 3.1 · Vendor: HCL

Severity by source

Vendor (HCL) PRIMARY
3.0 LOW
AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
vuln.today AI
6.5 MEDIUM

Session token interception grants full account access, warranting C:H; AC:H and UI:R reflect required MITM position and victim HTTP traversal.

3.1 AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N
4.0 AV:N/AC:H/AT:P/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (HCL).

CVSS VectorVendor: HCL

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jul 16, 2026 - 13:45 vuln.today

DescriptionCVE.org

HCL DFXAnalytics is affected by a Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability. The application fails to set the "secure" attribute on session cookies generated during authentication, which could allow a remote attacker to intercept network traffic and capture sensitive cookies, session tokens, or credentials sent in cleartext over unencrypted channels.

AnalysisAI

HCL DFXAnalytics fails to set the 'secure' attribute on session cookies generated during authentication, enabling a network-positioned attacker to capture session tokens transmitted in cleartext over unencrypted HTTP channels. Authenticated sessions are at risk when traffic traverses a path the attacker can observe, such as shared networks or HTTP downgrade scenarios. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain network interception position (MITM)
Delivery
Victim authenticates to DFXAnalytics over HTTPS
Exploit
Trigger or await HTTP sub-request from victim browser
Execution
Capture cleartext session cookie lacking secure flag
Impact
Replay cookie to hijack authenticated session

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to occupy a network path capable of observing or intercepting the victim's HTTP traffic - such as a shared Wi-Fi segment, a rogue access point, or a position enabling SSL stripping. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The official CVSS 3.1 score is 3.0 (Low) with vector AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker on a shared or adversary-controlled network segment performs an SSL-strip or HTTP downgrade against a victim who has authenticated to HCL DFXAnalytics. Because the session cookie lacks the 'secure' attribute, the browser transmits it in plaintext during any HTTP sub-request or redirect, allowing the attacker to capture the token via passive sniffing or active MITM tooling and replay it to impersonate the victim's authenticated session.
Remediation Consult the HCL Software advisory at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0131787 for the vendor-released patch or configuration guidance - a specific fixed version number was not included in available intelligence and should not be assumed. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-56454 MEDIUM
5.9 Jul 16

TLS protocol downgrade exposure in HCL DFXAnalytics allows network-positioned attackers to intercept and decrypt sensiti

CVE-2026-56453 MEDIUM
5.5 Jul 16

Account takeover through HTTP response manipulation in HCL DFXAnalytics enables a network-positioned attacker to interce

CVE-2025-31970 MEDIUM
5.3 May 06

HCL DFXAnalytics fails to enforce strict Content-Security-Policy (CSP) directives for object-src and base-uri, enabling

CVE-2026-56456 MEDIUM
5.3 Jul 16

HCL DFXAnalytics exposes internal file system paths and directory structure through unhandled error messages, system log

CVE-2026-56455 MEDIUM
5.3 Jul 16

Stack-based buffer overflow in HCL DFXAnalytics allows remote unauthenticated attackers to crash or render the applicati

CVE-2025-59851 LOW
3.7 May 06

HCL DFXAnalytics contains unpatched third-party libraries with known vulnerabilities that could allow remote attackers w

CVE-2025-59852 LOW
3.7 May 06

HCL DFXAnalytics transmits sensitive data over the network without encryption, allowing network-positioned attackers to

CVE-2025-59854 LOW
3.1 May 06

HCL DFXAnalytics relies on the obsolete X-XSS-Protection security header instead of implementing a modern Content Securi

CVE-2025-59853 LOW
3.1 May 06

HCL DFXAnalytics exposes detailed stack traces in application responses due to improper error handling, allowing authent

CVE-2026-35145 LOW
3.1 Jul 16

Missing HSTS header in HCL DFXAnalytics exposes authenticated sessions to protocol downgrade and man-in-the-middle attac

CVE-2026-35143 LOW
3.0 Jul 16

Cross-Site Request Forgery exposure in HCL DFXAnalytics arises because session cookies generated during authentication a

CVE-2026-35142 LOW
2.6 Jul 16

Internal IP address exposure in HCL DFXAnalytics allows remote attackers who have obtained high-privilege authenticated

Share

EUVD-2026-44916 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy