HCL DFXServer is affected by a Missing Access Control vulnerability. This vulnerability states that certain endpoints are accessible without any form of authentication in another browser. This allows any network user to invoke these APIs and interact with the application without verification of their identity or authorization level.
Metrics
Affected Vendors & Products
References
History
Thu, 16 Jul 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 16 Jul 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | HCL DFXServer is affected by a Missing Access Control vulnerability. This vulnerability states that certain endpoints are accessible without any form of authentication in another browser. This allows any network user to invoke these APIs and interact with the application without verification of their identity or authorization level. | |
| Title | HCL DFXServer is affected by a Missing Access Control vulnerability | |
| Weaknesses | CWE-284 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: HCL
Published:
Updated: 2026-07-16T12:07:24.658Z
Reserved: 2026-04-01T16:32:01.022Z
Link: CVE-2026-35148
Updated: 2026-07-16T12:07:19.843Z
No data.
No data.
OpenCVE Enrichment
No data.