{"id":27508,"date":"2025-04-20T00:19:41","date_gmt":"2025-04-20T00:19:41","guid":{"rendered":""},"modified":"2025-08-30T04:38:55","modified_gmt":"2025-08-30T10:38:55","slug":"cve-2023-45724-unauthenticated-file-upload-vulnerability-in-hcl-dryice-myxalytics","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2023-45724-unauthenticated-file-upload-vulnerability-in-hcl-dryice-myxalytics\/","title":{"rendered":"CVE-2023-45724: Unauthenticated File Upload Vulnerability in HCL DRYiCE MyXalytics<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The latest vulnerability to have been discovered, CVE-2023-45724, affects HCL DRYiCE MyXalytics, a popular product within the IT industry. This vulnerability pertains to an unauthenticated file upload that could potentially compromise the system or lead to data leakage. This loophole is potentially risky as it does not require user authentication, which means an unauthorized user could exploit this vulnerability<\/a> with relative ease.
\nThe severity of this vulnerability is high, with a CVSS (Common Vulnerability Scoring System<\/a>) score of 8.2, which is indicative of the significant risk it poses to the affected systems. This vulnerability should be a high priority for all users<\/a> of the affected product.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2023-45724
\nSeverity: High (8.2)
\nAttack Vector: Network
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: System compromise or data<\/a> leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n Share secrets securely\r\n <\/h2>\r\n\r\n

\r\n Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n <\/p>\r\n\r\n

\r\n Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n <\/p>\r\n\r\n