Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

DFXAnalytics

Source -

CNA

CNA CVEs -

5

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
5Vulnerabilities found
CVE-2025-59854
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-3.1||LOW
EPSS-0.03% / 8.11%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 10:27
Updated-06 May, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability

HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could allow an attacker to exploit browser-specific rendering flaws or bypass security controls that should instead be managed by a robust Content Security Policy (CSP).

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-DFXAnalytics
CWE ID-CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CVE-2025-59853
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-3.1||LOW
EPSS-0.03% / 7.63%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 10:26
Updated-06 May, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL DFXAnalytics is affected by an Improper Error Handling vulnerability

HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-DFXAnalytics
CWE ID-CWE-209
Generation of Error Message Containing Sensitive Information
CVE-2025-59852
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-3.7||LOW
EPSS-0.01% / 1.83%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 10:25
Updated-06 May, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability

HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-DFXAnalytics
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2025-59851
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-3.7||LOW
EPSS-0.03% / 9.41%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 10:24
Updated-06 May, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability

HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the application.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-DFXAnalytics
CWE ID-CWE-1395
Dependency on Vulnerable Third-Party Component
CVE-2025-31970
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 11.24%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 10:22
Updated-06 May, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability

HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the Content-Security-Policy does not define strict directives for object-src and base-uri, which could allow an attacker to exploit injection vectors such as Cross-Site Scripting (XSS)

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-DFXAnalytics
CWE ID-CWE-358
Improperly Implemented Security Check for Standard