CNNVD-202602-317 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-317
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
HCL AION是印度HCL公司的一款AI生命周期管理平台。 HCL AION 2.0版本存在安全漏洞,该漏洞源于缺少或不安全的HTTP严格传输安全标头,可能导致中间人攻击。
Description (English)
HCL AION is an AI life-cycle management platform for HCL India. There is a security loophole in HCL AION version 2.0, which stems from the lack or insecurity of HTTP strictly transmitting security markers, which may lead to attacks by intermediaries.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
HCL
Published
2026-02-03
Last Modified
2026-02-24
References
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972 https://access.redhat.com/security/cve/cve-2025-52631
Patch
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972
Share on: