CVE-2025-52638

MEDIUM

5.6

Beschreibung

HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configurations with security best practices requires minimizing privileges and avoiding root-level execution wherever possible.

CVE Details

CVSS v3.1 Bewertung5.6

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H

AngriffsvektorLOCAL

KomplexitatHIGH

Erforderliche PrivilegienHIGH

BenutzerinteraktionREQUIRED

Veroffentlicht3/16/2026

Zuletzt geandert3/27/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

hcl:aion

Schwachen (CWE)

CWE-345

Referenzen

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410(psirt@hcl.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.