4.3
CVE-2025-62311
- EPSS 0.08%
- Veröffentlicht 14.05.2026 16:06:57
- Zuletzt bearbeitet 14.05.2026 17:22:46
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels.
HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerHCL
≫
Produkt
AION
Default Statusunaffected
Version
2.1.0
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.003 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@hcl.com | 4.3 | 0.9 | 3.4 |
CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636