{"api_version":"1","generated_at":"2026-05-27T19:46:43+00:00","cve":"CVE-2025-62308","urls":{"html":"https://cve.report/CVE-2025-62308","api":"https://cve.report/api/cve/CVE-2025-62308.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-62308","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-62308"},"summary":{"title":"HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed","description":"HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details, which may potentially assist in further analysis or targeted actions under certain conditions","state":"PUBLISHED","assigner":"HCL","published_at":"2026-05-14 17:16:17","updated_at":"2026-05-14 17:22:46"},"problem_types":["CWE-201","CWE-201 CWE-201: Insertion of Sensitive Information Into Sent Data"],"metrics":[{"version":"3.1","source":"psirt@hcl.com","type":"Secondary","score":"5.1","severity":"MEDIUM","vector":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"5.1","severity":"MEDIUM","vector":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L","data":{"attackComplexity":"HIGH","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":5.1,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L","version":"3.1"}}],"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636","name":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636","refsource":"psirt@hcl.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-62308","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62308","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"HCL","product":"AION","version":"affected 2.1.0","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2025","cve_id":"62308","cve":"CVE-2025-62308","epss":"0.000290000","percentile":"0.086500000","score_date":"2026-05-25","updated_at":"2026-05-26 00:10:59"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"AION","vendor":"HCL","versions":[{"status":"affected","version":"2.1.0"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details, which may potentially assist in further analysis or targeted actions under certain conditions"}],"value":"HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details, which may potentially assist in further analysis or targeted actions under certain conditions"}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"ADJACENT_NETWORK","availabilityImpact":"LOW","baseScore":5.1,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-201","description":"CWE-201: Insertion of Sensitive Information Into Sent Data","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-05-14T16:12:39.710Z","orgId":"1e47fe04-f25f-42fa-b674-36de2c5e3cfc","shortName":"HCL"},"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130636"}],"source":{"discovery":"UNKNOWN"},"title":"HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed","x_generator":{"engine":"Vulnogram 1.0.0"}}},"cveMetadata":{"assignerOrgId":"1e47fe04-f25f-42fa-b674-36de2c5e3cfc","assignerShortName":"HCL","cveId":"CVE-2025-62308","datePublished":"2026-05-14T16:12:39.710Z","dateReserved":"2025-10-10T09:04:16.877Z","dateUpdated":"2026-05-14T16:12:39.710Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-14 17:16:17","lastModifiedDate":"2026-05-14 17:22:46","problem_types":["CWE-201","CWE-201 CWE-201: Insertion of Sensitive Information Into Sent Data"],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":0.9,"impactScore":3.7}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"62308","Ordinal":"1","Title":"HCL AION is affected by a vulnerability where sensitive backend ","CVE":"CVE-2025-62308","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"62308","Ordinal":"1","NoteData":"HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system architecture or configuration details, which may potentially assist in further analysis or targeted actions under certain conditions","Type":"Description","Title":"HCL AION is affected by a vulnerability where sensitive backend "}]}}}