HCL MyXalytics product is affected by Mass Assignment vulnerability

7.6 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L

Description

HCL MyXalytics: 6.6. is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields.

Basic Information

ID CVE-2025-52656

Source HCL

Published Oct 3, 2025 at 18:20

Modified Oct 3, 2025 at 18:43

Affected Product

Vendor HCL

Product HCL MyXalytics

Version 6.6

Affected Versions HCL HCL MyXalytics 6.6

CWE Classification

CWE-915

References

support.hcl-software.com /csm

{
    "lastseen": "",
    "description": "HCL MyXalytics: 6.6.\u00a0\u00a0is affected by Mass Assignment vulnerability. Mass Assignment occurs when user input is automatically bound to application objects without proper validation or access controls, potentially allowing unauthorized modification of sensitive fields.",
    "published": "2025-10-03T18:20:18.752Z",
    "modified": "2025-10-03T18:43:17.842Z",
    "type": "cve",
    "title": "HCL MyXalytics product is affected by Mass Assignment vulnerability",
    "source": "HCL",
    "references": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124411",
    "id": "CVE-2025-52656",
    "bulletinFamily": "",
    "cwe": [
        "CWE-915"
    ],
    "cvelist": null,
    "sourceData": "HCL HCL MyXalytics 6.6",
    "sourceHref": "",
    "cvss": {
        "score": 7.6,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "HCL MyXalytics",
    "version": "6.6",
    "vendor": "HCL",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

HCL MyXalytics product is affected by Mass Assignment vulnerability_CVE-2025-52656