Misconfigured Security HTTP Headers in HCL Unica Platform
CVE-2025-52615

3.5LOW

Key Information:

Vendor: HCL Software Software
Status: Unica Platform
Vendor: CVE Published:; 12 October 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2025-52615?

The HCL Unica Platform is affected by a security issue due to misconfigured HTTP headers. This misconfiguration may allow browsers to apply less secure default treatments for various security policies controlled by those headers, potentially exposing the application to additional risks. Organizations using the platform should review their configuration settings to ensure that HTTP headers are properly set to maintain secure communications.

Affected Version(s)

Unica Platform <= 25.1

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 12, 2025
Vulnerability Reserved
Jun 18, 2025

JSON