CVE-2025-62317

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters.

CVSS 2.6 LOWEPSS 0.1%CWE-598

Vexday Risk Score

8Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 2.6EPSS 0.1%KEV nãoPoC —Patch —

Ciclo de vida

14 may 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary systems, potentially leading to unintended information disclosure under certain conditions.

CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N

Productos afectados

HCL · AION

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636