Unprotected Files in HCL Unica Platform Due to Improper Access Controls
CVE-2025-31996

5.3MEDIUM

Key Information:

Vendor: HCL Software Software
Status: Unica Platform
Vendor: CVE Published:; 13 October 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2025-31996?

The HCL Unica Platform is susceptible to exploitation due to improper access controls, which result in unprotected files. These files may hold sensitive data, including private user details and vital system information, increasing the risk of unauthorized access and potential exploitation by attackers. Safeguarding these files is essential to protecting the integrity of the application and its users.

Affected Version(s)

Unica Platform <= 25.1

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 13, 2025
Vulnerability Reserved
Apr 1, 2025

JSON