MEDIUM🇬🇧 English

CVE-2025-52644

CVSS 5.8v3.1pub. 2026-03-16upd. 2026-04-28

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L
  • Hcltech Aion

    APP
    Hcltech
    2.0.0 – 2.1.2 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-52650HIGH8.2ten sam produkt

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0

CVE-2025-52643MEDIUM4.7ten sam produkt

HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a prop...

CVE-2025-52628MEDIUM4.6ten sam produkt

HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow c...

CVE-2025-52627MEDIUM5.5ten sam produkt

Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications...

CVE-2025-52626MEDIUM4.5ten sam produkt

A Potential Command Injection vulnerability in HCL AION.  An This can allow unintended command execution, po...