HCL DFXServer is affected by an Authentication Bypass vulnerability via server response manipulation. An unauthorized user without valid credentials can exploit this flaw by intercepting and altering the server's authentication responses, allowing them to gain unauthorized access to the application without verification.
History

Thu, 16 Jul 2026 12:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 16 Jul 2026 11:45:00 +0000

Type Values Removed Values Added
Description HCL DFXServer is affected by an Authentication Bypass vulnerability via server response manipulation. An unauthorized user without valid credentials can exploit this flaw by intercepting and altering the server's authentication responses, allowing them to gain unauthorized access to the application without verification.
Title HCL DFXServer is affected by an Authentication Bypass vulnerability via server response manipulation.
Weaknesses CWE-294
References
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published:

Updated: 2026-07-16T12:06:39.721Z

Reserved: 2026-04-01T16:32:01.022Z

Link: CVE-2026-35149

cve-icon Vulnrichment

Updated: 2026-07-16T12:06:32.857Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.