CVE-2025-31998 | THREATINT

Description

HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information. An attacker can exploit use this information to exploit known vulnerabilities launch targeted attacks, such as remote code execution or denial of service.

PUBLISHED Reserved 2025-04-01 | Published 2025-10-12 | Updated 2025-10-12 | Assigner HCL

LOW: 3.5CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

Problem types

CWE-703 Improper Check or Handling of Exceptional Conditions

CWE-209 Generation of Error Message Containing Sensitive Information

Product status

Default status

unaffected

<=25.1

affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0124422

cve.org (CVE-2025-31998)

nvd.nist.gov (CVE-2025-31998)

Download JSON