Back to overview

CVE-2026-56454

MEDIUM
5.9
CVSS 3.1
Description
HCL DFXAnalytics is affected by a Deprecated Protocol vulnerability due to the use of TLS 1.0 and TLS 1.1. These legacy protocols contain numerous cryptographic design flaws that expose data to interception and decryption. To remediate this risk, the application must disable all support for TLS 1.0 and TLS 1.1, and exclusively enable support for secure protocols, specifically TLS 1.2 and TLS 1.3.

Metadata

CVE ID
CVE-2026-56454
State
PUBLISHED
Assigner
HCL
Reserved
2026-06-22 13:38 UTC
Published
2026-07-16 13:08 UTC
Last updated
2026-07-16 13:41 UTC
Primary CWE
CWE-327
CWE-327: Use of a Broken or Risky Cryptographic Algorithm
Vendor / Product
HCL Software / DFXAnalytics
Sources
cve.org  ·  NVD

Severity & Metrics

5.9 MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
HCL Software DFXAnalytics version 3.0 and below
Weakness (CWE)
CWESourceDescription
CWE-327 cna CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CVSS scores (1)
ScoreSeverityVersionSourceVector
5.9 MEDIUM 3.1 cna CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Back to overview