Unauthorized Database Access in HCL Compass by HCL Technologies
CVE-2025-0280
7.5HIGH
What is CVE-2025-0280?
A vulnerability in HCL Compass has been identified that allows attackers to gain unauthorized access to the underlying database. This can lead to exposure and manipulation of sensitive data, posing serious risks to data integrity and confidentiality. Admins are advised to assess their environments and take steps to mitigate potential exploitation.
Affected Version(s)
Compass <= 2.2.7