CVE-2026-56454
MEDIUM
5.9
CVSS 3.1
Description
HCL DFXAnalytics is affected by a Deprecated Protocol vulnerability due to the use of TLS 1.0 and TLS 1.1. These legacy protocols contain numerous cryptographic design flaws that expose data to interception and decryption. To remediate this risk, the application must disable all support for TLS 1.0 and TLS 1.1, and exclusively enable support for secure protocols, specifically TLS 1.2 and TLS 1.3.
Metadata
Severity & Metrics
5.9
MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| HCL Software | DFXAnalytics | — | version 3.0 and below |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-327 | cna | CWE-327: Use of a Broken or Risky Cryptographic Algorithm |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 5.9 | MEDIUM | 3.1 | cna | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |