Primary

Context

HCL AION Exposure of Sensitive Information Vulnerability

Vulnerability

A vulnerability allowing the exposure of sensitive information to unauthorized actors exists in HCL AION version 2.0. This issue was identified during a Dynamic Application Security Testing assessment, which revealed that certain system endpoints may be inadequately protected, potentially allowing unauthorized access to sensitive data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, such as credentials or system details.

Remediation

Users can upgrade to HCL AION version 2.0.1, which addresses this vulnerability. For assistance with the upgrade process, contact the HCL AION Product support team.

Added: Oct 10, 2025, 10:17 AM

Updated: Oct 10, 2025, 10:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HCL AION Exposure of Sensitive Information Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating