CVE-2023-45723 in DRYiCE MyXalytics
Summary
by MITRE • 01/03/2024
HCL DRYiCE MyXalytics is impacted by path traversal vulnerability which allows file upload capability. Certain endpoints permit users to manipulate the path (including the file name) where these files are stored on the server.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 06/18/2025
The vulnerability identified as CVE-2023-45723 affects HCL DRYiCE MyXalytics, a business intelligence and analytics platform that enables organizations to process and visualize data from various sources. This critical security flaw resides within the file upload functionality of the application, specifically targeting how the system handles user-supplied file paths during the upload process. The vulnerability stems from insufficient input validation and sanitization mechanisms that fail to properly restrict or normalize file path components, allowing malicious actors to manipulate the destination where uploaded files are stored on the server filesystem.
The technical implementation of this path traversal vulnerability occurs through endpoints designed to accept file uploads but lacking proper path validation controls. Attackers can exploit this weakness by crafting malicious file names or path components that include directory traversal sequences such as "../" or similar constructs that bypass intended security boundaries. When the application processes these manipulated file paths, it stores uploaded files in unintended locations within the server's file system, potentially allowing access to sensitive directories or even overwriting critical system files. This vulnerability directly maps to CWE-22 Path Traversal and falls under the broader category of insecure file handling practices that have been consistently identified as high-risk security flaws in web applications.
The operational impact of this vulnerability extends beyond simple unauthorized file storage, as it creates a potential attack vector for more severe compromise scenarios. An attacker who successfully exploits this vulnerability could potentially upload malicious files such as web shells, backdoors, or other harmful payloads to locations accessible through the web server. This capability enables persistent access to the affected system, data exfiltration, and potential lateral movement within the network. The vulnerability is particularly concerning for organizations using MyXalytics for business intelligence, as it may provide access to sensitive business data, financial records, or proprietary information that the platform processes and stores. Additionally, the compromised system could serve as a foothold for further attacks, potentially leading to complete system compromise and unauthorized access to other network resources.
Organizations should implement immediate mitigations to address this vulnerability including input validation and sanitization of all file path components, implementing strict file path normalization, and restricting file upload capabilities to only authorized users with proper authentication and authorization controls. The application should employ absolute path restrictions that prevent traversal outside of designated upload directories, and all user-supplied path information should be properly escaped or filtered to remove potentially dangerous sequences. Network segmentation and monitoring should be implemented to detect unauthorized file uploads or suspicious file access patterns. Organizations should also conduct comprehensive security assessments of their MyXalytics installations, review file upload permissions, and ensure proper access controls are in place. The vulnerability aligns with ATT&CK technique T1078 Valid Accounts and T1566 Phishing, as exploitation often requires initial access through social engineering or credential compromise, and the attack chain can lead to persistent access and privilege escalation. Regular security updates and patches should be applied to the MyXalytics platform, and organizations should consider implementing web application firewalls to monitor and filter potentially malicious file upload requests.