Sensitive Information Exposure in HCL Unica Centralized Offer Management
CVE-2025-31998

3.5LOW

Key Information:

Vendor: HCL Software Software
Status: Unica Centralized Offer Management
Vendor: CVE Published:; 12 October 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2025-31998?

HCL Unica Centralized Offer Management is vulnerable due to poor handling of exceptions, leading to unintended exposure of sensitive information. This flaw can enable attackers to utilize exposed data to exploit additional vulnerabilities, facilitating targeted attacks that may result in remote code execution or denial of service.

Affected Version(s)

Unica Centralized Offer Management <=25.1

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 12, 2025
Vulnerability Reserved
Apr 1, 2025

JSON