{"cve":{"cve_id":"CVE-2023-45723","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00997,"epss_percentile":0.58173,"epss_as_of":"2026-06-23","description":"HCL DRYiCE MyXalytics is impacted by path traversal vulnerability which allows file upload capability.  Certain endpoints permit users to manipulate the path (including the file name) where these files are stored on the server.\n","published_at":"2024-01-03T02:50:02.258000Z","last_modified_at":null,"cvss_v3_score":7.6,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L","cvss_v3_severity":"HIGH","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-22"],"nvd_references":["https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:38:55.890154Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"L","value_label":"Low"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"hcl-software","vendor_name":"HCL Software","product_slug":"dryice-myxalytics","product_name":"DRYiCE MyXalytics","version_start":"5.9, 6.0, 6.1","version_start_inclusive":true,"version_end":"5.9, 6.0, 6.1","version_end_inclusive":true,"cpe23_uri":"cve5:hcl-software:dryice-myxalytics:5.9, 6.0, 6.1:5.9, 6.0, 6.1"}],"exploit_refs":[],"news":[],"references":[{"url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-01-03T02:50:02.258000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:30:18.424510Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:30:18.424510Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:30:18.424510Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:38:55.890154Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:38:55.890154Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:38:55.890154Z","label":"SSVC decision revised","source":"vulnrichment"}]}