PT-2026-60454 · Hcl · Dfxserver

CVE-2026-35148

·

Published

2026-07-16

·

Updated

2026-07-16

CVSS v3.1

6.3

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions HCL DFXServer (affected versions not specified)
Description Missing access control allows network users to invoke specific API endpoints and interact with the application without authentication or authorization verification. This occurs because certain endpoints remain accessible without identity verification when accessed via a different browser.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-35148

Affected Products

Dfxserver