CVE-2024-42173

4.8 MEDIUM

📋 TL;DR

HCL MyXalytics has an improper password policy vulnerability that allows attackers to guess or brute-force passwords when usernames are known. This affects organizations using vulnerable versions of HCL MyXalytics software.

💻 Affected Systems

Products:
  • HCL MyXalytics
Versions: All versions prior to the fix
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments with weak password policies or missing account lockout are vulnerable.


⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise through unauthorized administrative access, leading to data theft, system manipulation, or ransomware deployment.

🟠 Likely Case: Unauthorized user access to sensitive analytics data and potential privilege escalation within the application.

🟢 If Mitigated: Limited impact with proper password policies and account lockout mechanisms in place.

🌐 Internet-Facing: HIGH - Internet-facing instances are directly exposed to brute-force attacks from anywhere.
🏢 Internal Only: MEDIUM - Internal attackers or compromised accounts could still exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires username knowledge but uses standard brute-force techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched versions

Vendor Advisory: https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149

Restart Required: Yes

Instructions:

1. Review vendor advisory KB0118149
2. Apply recommended patches
3. Restart MyXalytics services
4. Verify password policies are enforced

🔧 Temporary Workarounds

Enforce Strong Password Policy
  • Applies to: all
  • Implement minimum password length, complexity requirements, and expiration policies
  • Configure via MyXalytics administration console

Enable Account Lockout
  • Applies to: all
  • Configure account lockout after failed login attempts
  • Set via MyXalytics security settings

🧯 If You Can't Patch

  • Implement network segmentation and restrict access to MyXalytics instances
  • Deploy Web Application Firewall (WAF) with brute-force protection rules

🔍 How to Verify

Check if Vulnerable:

Check if password policies allow weak passwords and if account lockout is disabled in MyXalytics configuration

Check Version:

Check MyXalytics version in administration console or via vendor documentation

Verify Fix Applied:

Verify strong password policies are enforced and account lockout is enabled after patch application

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts from same IP
  • Successful login after many failures
  • Account lockout events

Network Indicators:

  • High volume of authentication requests
  • Patterned login attempts

SIEM Query (pseudo-syntax; adapt the field names and window to your platform):

source="myxalytics" AND (event_type="failed_login" count>10 within 5min OR event_type="account_lockout")
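The SIEM query above is pseudo-syntax, so here is the same detection logic written out as a standalone script. This is an added example, not part of the advisory or of HCL's product: it flags the three log indicators listed above (more than 10 failed logins from one source IP inside a 5-minute sliding window, a successful login following repeated failures for the same account, and any account lockout event). The log layout (`src_ip=`, `user=`, `event_type=` key/value pairs after an ISO timestamp) and the sample lines are constructed assumptions; real MyXalytics logs will need a different parser.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Thresholds taken from the advisory's pseudo-query: >10 failures within 5 minutes.
FAILED_THRESHOLD = 10
WINDOW = timedelta(minutes=5)
# Successful login after this many uninterrupted failures for one account is suspicious.
SUCCESS_AFTER_FAILURES = 5

# Constructed sample log lines (assumed layout, not real MyXalytics output):
# 12 failures from one IP in under two minutes, then a success for the same user,
# one ordinary failed-then-successful login for another user, and a lockout event.
SAMPLE_LOGS = [
    f"2024-08-01T10:00:{i*10:02d}Z src_ip=203.0.113.7 user=alice event_type=failed_login"
    for i in range(6)
] + [
    f"2024-08-01T10:01:{i*10:02d}Z src_ip=203.0.113.7 user=alice event_type=failed_login"
    for i in range(6)
] + [
    "2024-08-01T10:02:00Z src_ip=203.0.113.7 user=alice event_type=successful_login",
    "2024-08-01T10:03:00Z src_ip=198.51.100.4 user=carol event_type=failed_login",
    "2024-08-01T10:03:20Z src_ip=198.51.100.4 user=carol event_type=successful_login",
    "2024-08-01T10:05:00Z src_ip=192.0.2.9 user=bob event_type=account_lockout",
]


def parse_line(line):
    """Parse '<iso-timestamp> k=v k=v ...' into a dict with a datetime under 'ts'."""
    ts_str, *kvs = line.split()
    rec = {"ts": datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ")}
    for kv in kvs:
        key, _, value = kv.partition("=")
        rec[key] = value
    return rec


def detect(lines):
    """Return a list of (alert_type, subject, count) tuples for the indicators above."""
    alerts = []
    fails_by_ip = defaultdict(deque)   # ip -> timestamps of failures still inside WINDOW
    fails_by_user = defaultdict(int)   # user -> failures since that user's last success
    fired_ips = set()                  # alert once per IP, not once per extra failure

    for line in lines:
        if not line.strip():
            continue
        rec = parse_line(line)
        ts, ip, user, event = rec["ts"], rec.get("src_ip"), rec.get("user"), rec.get("event_type")

        if event == "failed_login":
            window = fails_by_ip[ip]
            window.append(ts)
            # Drop failures older than WINDOW so the count is a sliding window, not a total.
            while window and ts - window[0] > WINDOW:
                window.popleft()
            if len(window) > FAILED_THRESHOLD and ip not in fired_ips:
                alerts.append(("brute_force_ip", ip, len(window)))
                fired_ips.add(ip)
            fails_by_user[user] += 1

        elif event == "successful_login":
            # "Successful login after many failures": the streak resets on success.
            if fails_by_user[user] >= SUCCESS_AFTER_FAILURES:
                alerts.append(("success_after_failures", user, fails_by_user[user]))
            fails_by_user[user] = 0

        elif event == "account_lockout":
            alerts.append(("account_lockout", user, 0))

    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOGS):
        print(alert)
```

Run on the constructed sample, this produces one brute-force alert for 203.0.113.7 (raised on the 11th failure), one success-after-failures alert for alice, and one lockout alert for bob; carol's single failure followed by a success stays below both thresholds and is not reported. The per-IP sliding window is what the pseudo-query's "count>10 within 5min" means in practice; a plain per-hour total would miss short bursts and over-count slow, steady legitimate failures.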
