Exposed Backend Infrastructure Details in HCL AION
CVE-2025-62308

5.1MEDIUM

Key Information:

Vendor: HCL Software
Status: Aion
Vendor: CVE Published:; 14 May 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-62308?

HCL AION has a security issue that could lead to the exposure of sensitive backend infrastructure details. This vulnerability may allow unauthorized individuals to gain insight into internal system architecture or configuration specifics. Such exposure could facilitate further exploitation by enabling targeted actions, thereby increasing the risk of a potential security breach.

Affected Version(s)

AION 2.1.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
Oct 10, 2025

CVE-2025-62308 Data

JSON