3.5
CVE-2025-52603
- EPSS 0.03%
- Veröffentlicht 20.02.2026 15:29:55
- Zuletzt bearbeitet 20.02.2026 18:36:01
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
LoginHCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hcltech ≫ Connections Version7.0
Hcltech ≫ Connections Version8.0 Update-
Hcltech ≫ Connections Version8.0 Updatecumulative_release1
Hcltech ≫ Connections Version8.0 Updatecumulative_release10
Hcltech ≫ Connections Version8.0 Updatecumulative_release2
Hcltech ≫ Connections Version8.0 Updatecumulative_release3
Hcltech ≫ Connections Version8.0 Updatecumulative_release4
Hcltech ≫ Connections Version8.0 Updatecumulative_release5
Hcltech ≫ Connections Version8.0 Updatecumulative_release6
Hcltech ≫ Connections Version8.0 Updatecumulative_release7
Hcltech ≫ Connections Version8.0 Updatecumulative_release8
Hcltech ≫ Connections Version8.0 Updatecumulative_release9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.081 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@hcl.com | 3.5 | 2.1 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
|
CWE-213 Exposure of Sensitive Information Due to Incompatible Policies
The product's intended functionality exposes information to certain actors in accordance with the developer's security policy, but this information is regarded as sensitive according to the intended security policies of other stakeholders such as the product's administrator, users, or others whose information is being processed.