CVE-2025-62308

HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed

CVSS 5.1 MEDIUMEPSS 0.1%CWE-201

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.1EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

14 May 2026Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details, which may potentially assist in further analysis or targeted actions under certain conditions

CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

Affected products

HCL · AION

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636