CVE-2023-45724

8.2 HIGH

📋 TL;DR

HCL DRYiCE MyXalytics has a file upload vulnerability that lets attackers upload malicious files without authenticating. This affects all users running vulnerable versions of the product and can lead to remote code execution or system compromise.

💻 Affected Systems

Products:
  • HCL DRYiCE MyXalytics
Versions: All versions prior to the fix
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Default installations are vulnerable; no special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data exfiltration, and lateral movement within the network.

🟠 Likely Case

Malicious file upload leading to web shell deployment, data manipulation, or denial of service.

🟢 If Mitigated

Limited impact with proper network segmentation and file upload restrictions in place.

🌐 Internet-Facing: HIGH - Unauthenticated vulnerability on internet-facing systems allows direct exploitation without credentials.
🏢 Internal Only: MEDIUM - Internal systems still vulnerable but require network access; authentication bypass still possible.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Unauthenticated exploitation makes this particularly dangerous; weaponization likely due to CVSS 8.2 score and file upload nature.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched versions

Vendor Advisory: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

Restart Required: Yes

Instructions:

1. Review vendor advisory KB0109608
2. Download and apply the latest patch from HCL
3. Restart the MyXalytics service
4. Verify the fix is applied

🔧 Temporary Workarounds

Network Access Restriction

all

Restrict network access to MyXalytics web interface using firewall rules

File Upload Validation

all

Implement server-side file type validation and size restrictions

🧯 If You Can't Patch

  • Isolate the MyXalytics system from internet and restrict internal network access
  • Implement web application firewall (WAF) rules to block file upload attempts

🔍 How to Verify

Check if Vulnerable:

Check if unauthenticated file upload is possible via the web interface; review version against vendor advisory

Check Version:

Check product version in administration console or configuration files

Verify Fix Applied:

Attempt unauthenticated file upload after patch; should be blocked or require authentication

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated file upload attempts
  • Unusual file types being uploaded
  • Web shell deployment patterns

Network Indicators:

  • POST requests to file upload endpoints without authentication headers
  • Unusual outbound connections from MyXalytics server

SIEM Query:

source="myxalytics" AND (http_method="POST" AND uri CONTAINS "upload" AND NOT auth_success="true")
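
The SIEM query above, written as a filter over parsed events, with the "unusual file types" log indicator added as a second signal for triage. This is an added example, not vendor or product code; the JSON event layout, the `filename` and `src_ip` fields, the `/example/...` URIs, the extension list and the sample events are all assumptions constructed for illustration.

```python
import json
from pathlib import PurePosixPath

# Assumption: extensions treated as unusual for this upload feature; tune per deployment.
RISKY_EXTENSIONS = {".aspx", ".ashx", ".asp", ".jsp", ".php", ".exe", ".dll", ".config"}

# Constructed sample events. Field names follow the SIEM query; `filename`,
# `src_ip` and the /example/ URIs are hypothetical placeholders.
SAMPLE_EVENTS = """\
{"source":"myxalytics","http_method":"POST","uri":"/example/upload","auth_success":"false","src_ip":"203.0.113.7","filename":"report.xlsx"}
{"source":"myxalytics","http_method":"POST","uri":"/example/upload","auth_success":"true","src_ip":"198.51.100.4","filename":"q3.csv"}
{"source":"myxalytics","http_method":"GET","uri":"/example/upload","auth_success":"false","src_ip":"203.0.113.7"}
{"source":"myxalytics","http_method":"POST","uri":"/example/Upload","src_ip":"203.0.113.9","filename":"page.aspx"}
this line is not JSON
{"source":"myxalytics","http_method":"POST","uri":"/example/login","auth_success":"false","src_ip":"203.0.113.9"}
"""

def matches_query(event):
    """Mirror of the SIEM query: POST to an upload URI without successful auth."""
    return (
        event.get("source") == "myxalytics"
        and str(event.get("http_method") or "").upper() == "POST"
        and "upload" in str(event.get("uri") or "").lower()
        # A missing auth_success field counts as unauthenticated (fail closed).
        and str(event.get("auth_success") or "").lower() != "true"
    )

def triage(lines):
    """Return (severity, src_ip, uri, filename) for every event matching the query."""
    findings = []
    for line in lines.splitlines():
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed log lines rather than abort the run
        if not isinstance(event, dict) or not matches_query(event):
            continue
        name = str(event.get("filename") or "")
        # Check every suffix so a risky extension hidden before a benign one still counts.
        suffixes = PurePosixPath(name).suffixes
        risky = any(s.lower() in RISKY_EXTENSIONS for s in suffixes)
        severity = "high" if risky else "medium"
        findings.append((severity, event.get("src_ip"), event.get("uri"), name))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(finding)
```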
