CSRF Vulnerability in HCL Glovius Cloud
CVE-2025-62346

6.8MEDIUM

Key Information:

Vendor: HCL Software Software
Status: Glovius Cloud
Vendor: CVE Published:; 20 November 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2025-62346?

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in HCL Glovius Cloud, allowing attackers to exploit a user's authenticated session. This occurs when a malicious entity tricks the user's web browser into making unauthorized requests to a trusted site, potentially leading to significant security concerns if exploited. Users of HCL Glovius Cloud are advised to implement protective measures to safeguard against this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Glovius Cloud <=S05.25

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2025
Vulnerability Reserved
Oct 10, 2025

Credit

Md. Asif Hossain

JSON

HCL Software Software

What is CVE-2025-62346?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.