CNNVD-202601-3035 Information

CNNVD ID

CNNVD-202601-3035

Related CVE

CVE-2025-52659

• CNNVD Published: 2026-01-19

Description (Chinese)

HCL AION是印度HCL公司的一款AI生命周期管理平台。 HCL AION 2版本存在安全漏洞，该漏洞源于可缓存的HTTP响应，可能导致敏感或动态内容被意外存储，造成未经授权的访问或信息泄露。

Description (English)

HCL AION is an AI life-cycle management platform for HCL India. HCL AION version 2 contains a security loophole that originates from a cached HTTP response and may lead to the accidental storage of sensitive or dynamic content, resulting in unauthorized access or disclosure of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

HCL

Published

2026-01-19

Last Modified

2026-02-24

References

https://support.hcl-software.com/kb_view.do?sys_kb_id=4b92474633de7ad4159a05273e5c7b4b&searchTerm=kb0127995# https://access.redhat.com/security/cve/cve-2025-52659

Patch

https://www.hcl-software.com/aion