CNNVD-202601-2805 Information
Jan 16, 2026
cve
CNNVD ID
CNNVD-202601-2805
Related CVE
- CNNVD Published: 2026-01-16
Description (Chinese)
HCL MyXalytics是印度HCL公司的一款分析类软件产品。用于进行数据分析等相关工作。 HCL MyXalytics v6.7版本存在安全漏洞,该漏洞源于静态JWT签名密钥管理不当且缺乏轮换,可能导致安全风险。
Description (English)
HCL MyXalytics is an analytical software product of HCL India. Relevant work such as data analysis. There is a security loophole in version HCL MyXaltics v. 6.7, which stems from the mismanage and lack of rotation of the static JWT signature key, which may lead to security risks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
HCL
Published
2026-01-16
Last Modified
2026-02-24
References
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128115
Patch
https://www.hcltechsw.com/wps/portal/products/myxalytics
Share on: