CVE-2025-52648

MEDIUM

4.8

Beschreibung

HCL AION is affected by a vulnerability where offering images are not digitally signed. Lack of image signing may allow the use of unverified or tampered images, potentially leading to security risks such as integrity compromise or unintended behavior in the system

CVE Details

CVSS v3.1 Bewertung4.8

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

AngriffsvektorLOCAL

KomplexitatLOW

Erforderliche PrivilegienLOW

BenutzerinteraktionREQUIRED

Veroffentlicht3/16/2026

Zuletzt geandert3/27/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

hcl:aion

Schwachen (CWE)

CWE-347

Referenzen

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410(psirt@hcl.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.