CVE-2026-56456 PUBLISHED

HCL DFXAnalytics is affected by an Internal File Path Disclosure vulnerability.

Assigner: HCL
Reserved: 22.06.2026 Published: 16.07.2026 Updated: 16.07.2026

HCL DFXAnalytics is affected by an Internal File Path Disclosure vulnerability. The application dashboard inadvertently leaks sensitive information regarding its internal file structure and directory paths through unhandled error messages, system logs, or debugging output, which could allow a remote attacker to map the underlying server environment and identify targets for further exploitation.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS Score: 5.3

Product Status

Vendor HCL Software
Product DFXAnalytics
Versions Default: unaffected
  • Version version 3.0 and below is affected

References

Problem Types

  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE