CVE-2025-52646

| EUVD-2025-208741 LOW
2026-03-16 [email protected]
2.2
CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 16, 2026 - 15:30 euvd
EUVD-2025-208741
Analysis Generated
Mar 16, 2026 - 15:30 vuln.today
CVE Published
Mar 16, 2026 - 15:16 nvd
LOW 2.2

Tags

Information Disclosure SQLi

Description

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific conditions.

Analysis

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries.

Technical Context

Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls.

Remediation

Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.

Priority Score

11
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +11
POC: 0

Share

CVE-2025-52646 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy