HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. Potential exploits can completely disrupt or take over the application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hcltech dryice myxalytics 6.1 |
||
hcltech dryice myxalytics 5.9 |
||
hcltech dryice myxalytics 6.0 |