CVE-2026-35142
LOW
2.6
CVSS 3.1
Description
HCL DFXAnalytics is affected by an Internal IP Address Disclosure vulnerability. The application includes internal IP address details within its generated server responses, which could allow a remote attacker to gather sensitive network topology information and use it to map the internal infrastructure for further targeted attacks.
Metadata
Severity & Metrics
2.6
LOW CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| HCL Software | DFXAnalytics | — | version 3.0 and below |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-200 | cna | CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 2.6 | LOW | 3.1 | cna | CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N |