4.3

CVE-2026-21783

EPSS 0.01%
Veröffentlicht 24.03.2026 19:48:39
Zuletzt bearbeitet 31.03.2026 21:02:00
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL Traveler is affected by sensitive information disclosure

HCL Traveler is affected by sensitive information disclosure.  The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces.  Attackers could exploit this information to gain insights into the system's architecture and potentially launch targeted attacks.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Traveler Version < 14.5.1.0

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.019

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@hcl.com	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-209 Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129139

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-21783

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-21783

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-21783

EUVD