PatchSiren cyber security CVE debrief
CVE-2026-35141 HCL Software CVE debrief
A Login Replay Attack vulnerability was discovered in HCL DFXAnalytics. The application allows a remote attacker to intercept, delay, or fraudulently retransmit valid authentication data to achieve unauthorized access. To mitigate this risk, the application must implement a mechanism to include timestamps with every message, ensuring that messages exceeding a specific age threshold are automatically rejected by the recipient system. The vulnerability has a CVSS score of 2.6 and is classified as LOW. Security teams and administrators should be aware of this vulnerability and take necessary steps to mitigate the risk. This includes reviewing the official advisory and CVE record to validate affected scope, severity, and vendor guidance.
- Vendor
- HCL Software
- Product
- DFXAnalytics
- CVSS
- LOW 2.6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-16
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-16
- Advisory updated
- 2026-07-16
Who should care
Security teams and administrators responsible for HCL DFXAnalytics should be aware of this vulnerability and take necessary steps to mitigate the risk. This includes reviewing compensating controls for exposed systems while remediation is scheduled and verified, and checking relevant monitoring, detection, and logs for exposed assets that need extra review.
Technical summary
The CVE-2026-35141 vulnerability is a Login Replay Attack vulnerability in HCL DFXAnalytics. The application allows a remote attacker to intercept, delay, or fraudulently retransmit valid authentication data to achieve unauthorized access. The CVSS score for this vulnerability is 2.6, and the severity is classified as LOW. Security teams should review the official advisory and CVE record to validate affected scope, severity, and vendor guidance. The vulnerability can be mitigated by implementing a mechanism to include timestamps with every message, ensuring that messages exceeding a specific age threshold are automatically rejected by the recipient system.
Defensive priority
Low priority, but security teams should review and implement necessary mitigations to prevent unauthorized access, and track exceptions, retest remediated assets, and close the item only after evidence is documented.
Recommended defensive actions
- Implement a mechanism to include timestamps with every message
- Ensure that messages exceeding a specific age threshold are automatically rejected by the recipient system
- Monitor and review authentication data for suspicious activity
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
- Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance
- Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
Evidence notes
The CVE record was published on 2026-07-16T14:16:50.747Z and was last modified on 2026-07-16T17:16:18.057Z. The NVD entry is currently Undergoing Analysis. The source details are limited, and further verification is needed to confirm the affected scope and severity. Defenders should verify the official advisory and CVE record for accurate information and review compensating controls for exposed systems.
Official resources
-
CVE-2026-35141 CVE record
CVE.org
-
CVE-2026-35141 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T14:16:50.747Z and has not been modified since then. The NVD entry is currently Undergoing Analysis.