CVE-2025-31998

Summary

HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information. An attacker can exploit use this information to exploit known vulnerabilities launch targeted attacks, such as remote code execution or denial of service.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareUnica Centralized Offer Management<=25.1affected

Weaknesses

  • CWE-703: CWE-703 Improper Check or Handling of Exceptional Conditions
  • CWE-209: CWE-209 Generation of Error Message Containing Sensitive Information

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References