CVE-2026-56453 PUBLISHED

HCL DFXAnalytics is affected by an Account Takeover via Response Manipulation vulnerability.

Assigner: HCL
Reserved: 22.06.2026 Published: 16.07.2026 Updated: 16.07.2026

HCL DFXAnalytics is affected by an Account Takeover via Response Manipulation vulnerability. A remote attacker can intercept and alter the contents of the server's HTTP responses before they reach the client application, allowing them to manipulate the authentication or authorization logic to bypass controls and gain unauthorized access to targeted user accounts.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
CVSS Score: 5.5

Product Status

Vendor HCL Software
Product DFXAnalytics
Versions Default: unaffected
  • Version version 3.0 and below is affected

References

Problem Types

  • CWE-294: Exposure of Sensitive Information to an Unauthorized Actor CWE