CVE-2025-31996

EPSS 0.04%
Veröffentlicht 13.10.2025 03:46:30
Zuletzt bearbeitet 21.10.2025 14:55:23
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL Unica Platform is affected by unprotected files due to improper access controls.   These files may contain sensitive information such as private or system information that can be exploited by attackers to compromise the application, infrastructure, or users.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Unica Version < 25.1.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.112

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
psirt@hcl.com	5.3	1.6	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-552 Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124418

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-31996

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-31996

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-31996

EUVD