HCL Unica Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability in HCL Unica versions 12.1.10 and prior, when using Tomcat, can lead to the exposure of sensitive system information. An attacker could use this information to develop an attack strategy that leverages known vulnerabilities within the application.

Impact

The vulnerability allows for the exposure of sensitive system information, which could be used to formulate an attack plan against the application.

Remediation

Users can mitigate this vulnerability by hiding server information in Tomcat: create a 'ServerInfo.properties' file in the 'tomcat/lib/org/apache/catalina/util' directory, add the line 'server.info=Application Server', save the file, and restart Tomcat.
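The steps above as an idempotent apply-and-verify script. This is an added example, not code from the advisory or from HCL; it assumes the Tomcat install root (the 'tomcat' directory above) is passed as the first argument, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: apply and verify the ServerInfo.properties override.
# Assumption: $1 is the Tomcat install root; function names are hypothetical.

REL_PATH="lib/org/apache/catalina/util/ServerInfo.properties"
WANTED="server.info=Application Server"
KEY_RE='^[[:space:]]*server\.info[[:space:]]*[=:]'

# Print the effective server.info line from the override file, if present.
# The last assignment is taken, as a Java properties loader would.
current_server_info() {
    f="$1/$REL_PATH"
    [ -f "$f" ] || return 1
    grep -E "$KEY_RE" "$f" | tail -n 1
}

# Return 0 only when the override exists and carries the generic value.
check_override() {
    line=$(current_server_info "$1") || return 1
    [ "$(printf '%s' "$line" | tr -d '\r' | sed 's/^[[:space:]]*//')" = "$WANTED" ]
}

# Create or correct the override; keeps any other keys already in the file.
apply_override() {
    home="$1"
    [ -d "$home/lib" ] || { echo "no lib/ directory under $home" >&2; return 2; }
    if check_override "$home"; then return 0; fi
    f="$home/$REL_PATH"
    mkdir -p "$(dirname "$f")" || return 2
    tmp="$f.tmp.$$"
    {
        # Drop existing server.info lines, then append the generic value.
        if [ -f "$f" ]; then grep -Ev "$KEY_RE" "$f" || true; fi
        printf '%s\n' "$WANTED"
    } > "$tmp" || return 2
    mv "$tmp" "$f"
}

# Stand-alone use: sh script.sh /path/to/tomcat
if [ "$#" -gt 0 ]; then
    apply_override "$1" && check_override "$1" && echo "override in place: $1/$REL_PATH"
fi
```

The override only takes effect after Tomcat is restarted, so run the check again as part of post-restart validation.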

Added: Oct 12, 2025, 5:17 AM
Updated: Oct 12, 2025, 5:17 AM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 2.5
exploitability: 7.0
remediation: 7.9
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.