Broken Access Control Vulnerability in HCL Connections
CVE-2025-15619

3.5LOW

Key Information:

Vendor: HCL Softwaresoftware
Status: Connections
Vendor: CVE Published:; 23 June 2026

🔔 Create HCL Softwaresoftware Vulnerability Alert

What is CVE-2025-15619?

HCL Connections is affected by a vulnerability that allows an unauthorized user to potentially access sensitive data due to broken access control mechanisms. This vulnerability can be exploited under specific circumstances, compromising data confidentiality and user privacy. Organizations using this platform should take immediate steps to assess their security posture and implement necessary measures to safeguard their information.

Affected Version(s)

Connections 7.0, 8.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2026
Vulnerability Reserved
Apr 1, 2026

CVE-2025-15619 Data

JSON