CVE-2025-52603

Summary

HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser.

Affected Software

VendorProductVersion RangeStatus
HCLSoftwareConnections7.0, 8.0affected

Weaknesses

  • CWE-213: CWE-213 Exposure of Sensitive Information Due to Incompatible Schemas

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References