Brute-Force Authentication Flaw in HCL AION Software
CVE-2025-62313

5.4MEDIUM

Key Information:

Vendor: HCL Software
Status: Aion
Vendor: CVE Published:; 14 May 2026

🔔 Create HCL Software Vulnerability Alert

What is CVE-2025-62313?

HCL AION is impacted by a vulnerability that lacks sufficient safeguards against brute-force attack attempts. This weakness may allow an adversary to execute repeated authentication requests, potentially resulting in unauthorized access to user accounts. Organizations using HCL AION should actively monitor their login processes and implement additional security measures to mitigate the risks associated with this vulnerability.

Affected Version(s)

AION 2.1.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
Oct 10, 2025

CVE-2025-62313 Data

JSON