Insecure Direct Object References in HCL Unica Centralized Offer Management
CVE-2025-31997

4.2 MEDIUM

What is CVE-2025-31997?

HCL Unica Centralized Offer Management is susceptible to Insecure Direct Object References (IDOR), permitting attackers to circumvent authorization mechanisms and directly access system resources. This may include sensitive database records and files, potentially leading to unauthorized data exposure.

Affected Version(s)

Unica Centralized Offer Management <=25.1

CVSS V3.1

Score: 4.2
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: High
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
