3
CVE-2025-62312
- EPSS 0.14%
- Veröffentlicht 14.05.2026 16:09:35
- Zuletzt bearbeitet 14.05.2026 17:22:46
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication
HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse, especially if not combined with secure transmission practices.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerHCL
≫
Produkt
AION
Default Statusunaffected
Version
2.1.0
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.034 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@hcl.com | 3 | 1.5 | 1.4 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
|
CWE-522 Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636