Information Disclosure Vulnerability in HCL Connections
CVE-2025-52603

3.5LOW

Key Information:

Vendor: HCL Softwaresoftware
Status: Connections
Vendor: CVE Published:; 20 February 2026

🔔 Create HCL Softwaresoftware Vulnerability Alert

What is CVE-2025-52603?

HCL Connections contains a vulnerability that may lead to information disclosure under specific user navigation conditions. This issue arises when limited internal metadata is unintentionally exposed in the browser, potentially allowing users to access restricted information that should remain confidential. It is crucial for organizations using HCL Connections to be aware of this vulnerability and take necessary steps to mitigate risks associated with unauthorized data exposure.

Affected Version(s)

Connections 7.0, 8.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2026
Vulnerability Reserved
Jun 18, 2025

CVE-2025-52603 Data

JSON