Out-of-Band Interaction Vulnerability in HCL AION Software
CVE-2025-62305

5.1MEDIUM

Key Information:

Vendor: HCL Software
Status: Aion
Vendor: CVE Published:; 14 May 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-62305?

HCL AION is prone to a vulnerability that allows specific operations to inadvertently trigger out-of-band interactions. This can potentially lead to the unintended disclosure of sensitive data to external systems under certain conditions, posing a risk to the confidentiality of sensitive information.

Affected Version(s)

AION 2.1.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
Oct 10, 2025

CVE-2025-62305 Data

JSON