CVE-2025-52642

HCL AION is affected by an internal filesystem paths disloser vulnerability

CVSS 3.3 LOWEPSS 0.1%CWE-538

Vexday Risk Score

8Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 3.3EPSS 0.1%KEV nãoPoC —Patch —

Ciclo de vida

16 mar 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

HCL AION is affected by a vulnerability where internal filesystem paths may be exposed through application responses or system behaviour. Exposure of internal paths may reveal environment structure details which could potentially aid in further targeted attacks or information disclosure.

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

Productos afectados

HCL · AION

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410