LOW🇵🇱 Wersja polska

CVE-2025-52633

CVSS 3.1v3.1pub. 2026-02-03upd. 2026-04-27

HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L
  • Hcltech Aion

    APP
    Hcltech
    2.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-52650HIGH8.2ten sam produkt

Inline script execution allowed in CSP vulnerability has been identified in HCL AION v2.0

CVE-2025-52644MEDIUM5.8ten sam produkt

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The a...

CVE-2025-52643MEDIUM4.7ten sam produkt

HCL AION is affected by a vulnerability where untrusted file parsing operations are not executed within a prop...

CVE-2025-52628MEDIUM4.6ten sam produkt

HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow c...

CVE-2025-52627MEDIUM5.5ten sam produkt

Root File System Not Mounted as Read-Only configuration vulnerability. This can allow unintended modifications...