CVE-2025-52642

EPSS 0.01%
Veröffentlicht 16.03.2026 14:45:23
Zuletzt bearbeitet 23.03.2026 14:35:37
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL AION is affected by a vulnerability where internal filesystem paths may be exposed through application responses or system behaviour. Exposure of internal paths may reveal environment structure details which could potentially aid in further targeted attacks or information disclosure.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Aion Version >= 2.0 < 2.1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.015

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
psirt@hcl.com	3.3	0.8	2.5	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory

The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-52642

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-52642

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-52642

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-52642