CVE-2025-62312

HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication

CVSS 3 LOWEPSS 0.1%CWE-522

Vexday Risk Score

8Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 3EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

14 may 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse, especially if not combined with secure transmission practices.

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

Productos afectados

HCL · AION

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636