CVE-2025-31998
3.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Summary
HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information. An attacker can exploit use this information to exploit known vulnerabilities launch targeted attacks, such as remote code execution or denial of service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HCL Software | Unica Centralized Offer Management | <=25.1 | affected |
Weaknesses
- CWE-703: CWE-703 Improper Check or Handling of Exceptional Conditions
- CWE-209: CWE-209 Generation of Error Message Containing Sensitive Information
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.