Unhandled Exception Vulnerability in HCL iControl Product by HCL Software
CVE-2025-52611
3.1LOW
What is CVE-2025-52611?
HCL iControl v4.0.0 is susceptible to an Unhandled Exception vulnerability that leads to Stack Trace Disclosure. This vulnerability arises when the application's JavaScript code improperly accesses an undefined property, specifically the 'dashboard' key from an undefined object. The failure to properly initialize or declare the required object can expose sensitive information about the application's internal structure and coding practices, potentially aiding an attacker in crafting further exploits. It is crucial for users of HCL iControl to apply patches or updates promptly to mitigate this vulnerability.
Affected Version(s)
iControl 4.0.0