CNNVD-202602-313 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-313
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
HCL AION是印度HCL公司的一款AI生命周期管理平台。 HCL AION 2.0版本存在安全漏洞,该漏洞源于Cookie缺少或不安全SameSite属性,可能导致跨站请求伪造攻击。
Description (English)
HCL AION is an AI life-cycle management platform for HCL India. There is a security loophole in HCL AION version 2.0, which stems from Cookie ’ s lack or insecurity of SameSite attributes, which may lead to cross-site requests for false attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
HCL
Published
2026-02-03
Last Modified
2026-02-24
References
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972 https://access.redhat.com/security/cve/cve-2025-52628
Patch
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972
Share on: