8.2

CVE-2025-52644

EPSS 0.04%
Veröffentlicht 16.03.2026 14:29:03
Zuletzt bearbeitet 18.03.2026 20:40:06
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Aion Version >= 2.0 < 2.1.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.104

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.2	3.9	4.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
psirt@hcl.com	5.8	1	4.7	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

CWE-778 Insufficient Logging

When a security-critical event occurs, the product either does not record the event or omits important details about the event when logging it.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-52644

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-52644

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-52644

EUVD