CVE-2023-45722 is a high-severity path traversal vulnerability affecting HCL Software's DRYiCE MyXalytics versions 5.9, 6.0, and 6.1. The vulnerability arises because the application improperly handles external input used to construct file or directory pathnames. Specifically, the software fails to adequately neutralize special path elements such as "../" sequences, which can cause the resolved pathname to escape the intended restricted directory boundary. This flaw allows an attacker with at least low-level privileges (PR:L) to craft requests that read arbitrary files outside the designated directory structure. The vulnerability has a CVSS v3.1 base score of 8.8, reflecting its network exploitable nature (AV:N), low attack complexity (AC:L), and no user interaction required (UI:N). The impact includes complete compromise of confidentiality, integrity, and availability of the application, as attackers can read sensitive files, potentially leading to further exploitation or disruption of the MyXalytics service. Although no known exploits are currently reported in the wild, the vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), a common and well-understood class of security issues. Given the critical role of DRYiCE MyXalytics in IT operations analytics and automation, exploitation could severely disrupt business processes reliant on this software.

For European organizations using HCL DRYiCE MyXalytics, this vulnerability poses significant risks. The ability to read arbitrary files can lead to exposure of sensitive operational data, credentials, or configuration files, potentially enabling lateral movement within networks or full application takeover. This can disrupt IT service management and analytics workflows, impacting business continuity and operational efficiency. Confidentiality breaches could also lead to regulatory non-compliance under GDPR, resulting in legal and financial penalties. The high severity and network accessibility mean attackers can exploit this vulnerability remotely, increasing the threat surface. Organizations in sectors with high reliance on IT operations analytics, such as finance, telecommunications, and critical infrastructure, are particularly at risk. The absence of known exploits currently provides a window for proactive mitigation, but the vulnerability’s characteristics suggest it could be targeted in future attacks.

To mitigate CVE-2023-45722, European organizations should prioritize the following actions: 1) Apply patches or updates from HCL Software as soon as they become available, as no patch links are currently provided but monitoring vendor advisories is critical. 2) Implement strict input validation and sanitization on all user-supplied path parameters to prevent traversal sequences. 3) Employ runtime application self-protection (RASP) or web application firewalls (WAFs) configured to detect and block path traversal attempts targeting MyXalytics endpoints. 4) Restrict access to the MyXalytics application to trusted networks and authenticated users with the minimum necessary privileges, as the vulnerability requires low privileges but still authentication. 5) Conduct regular security audits and penetration testing focused on file path handling and directory traversal vulnerabilities. 6) Monitor application logs for suspicious access patterns indicative of traversal attempts. 7) Consider deploying file integrity monitoring on critical directories to detect unauthorized file access or changes. These measures, combined with timely patching, will reduce the risk of exploitation and limit potential damage.