3.1

CVE-2025-52633

EPSS 0.04%
Veröffentlicht 03.02.2026 18:00:05
Zuletzt bearbeitet 11.02.2026 15:09:32
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Aion Version2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.109

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.4	0.9	1.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N
psirt@hcl.com	3.1	0.5	2.5	CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L

CWE-539 Use of Persistent Cookies Containing Sensitive Information

The web application uses persistent cookies, but the cookies contain sensitive information.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-52633

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-52633

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-52633

EUVD