PT-2025-2626 · Hcl+1 · Hcl Myxalytics+1
Published
2025-01-12
·
Updated
2025-05-16
·
CVE-2024-42179
CVSS v3.1
2.7
Low
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
HCL MyXalytics (affected versions not specified)
Description
The issue concerns a sensitive information disclosure vulnerability. The HTTP response header exposes the server's name and version as Microsoft-HTTP API/2.0. This allows attackers to gain sensitive information about the server, potentially leading to further exploitation. No information is available about the number of devices that can be affected by the exploitation of this issue. The vulnerability has been disclosed, but no information is available about whether it has been exploited by attackers.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hcl Myxalytics
Microsoft-Httpapi