CVE-2025-62311

Summary

HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions

Affected Software

VendorProductVersion RangeStatus
HCLAION2.1.0affected

Weaknesses

  • CWE-319: CWE-319: Cleartext Transmission of Sensitive Information.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References