Primary

Context

HCL AION Cacheable SSL Page Vulnerability

Vulnerability

A vulnerability allowing cached SSL pages to expose sensitive information has been identified in HCL AION version 2.0. This issue arises because cached data may reveal credentials, system identifiers, or internal file paths to attackers with access to the device or browser.

Impact

Exploitation of this vulnerability could lead to the unauthorized disclosure of sensitive information such as credentials, system identifiers, or internal file paths.

Remediation

This vulnerability has been fixed in HCL AION version 2.0.1. Customers using older versions should upgrade to 2.0.1, and the HCL AION Product support team will assist with the upgrade process.

Added: Oct 10, 2025, 11:23 AM

Updated: Oct 10, 2025, 11:23 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HCL AION Cacheable SSL Page Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating