HCL Traveler Information Disclosure Vulnerability Allowing Targeted Attacks

Vulnerability

An information disclosure vulnerability has been identified in HCL Traveler. The application generates error messages that reveal detailed information about errors and failures, including internal paths, file names, sensitive tokens, credentials, error codes, and stack traces. This information could be exploited by attackers to gain insights into the system's architecture and potentially launch targeted attacks.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure, allowing attackers to gather sensitive data that could be used to understand the system's architecture and plan targeted attacks.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

4.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HCL Traveler Information Disclosure Vulnerability Allowing Targeted Attacks

Vulnerability

Impact

Affected Products

HCL Traveler

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating