CVE-2025-52633 | THREATINT

Description

HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0.

PUBLISHED Reserved 2025-06-18 | Published 2026-02-03 | Updated 2026-02-03 | Assigner HCL

LOW: 3.1CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L

Problem types

CWE-539

Product status

Default status

unaffected

2.0

affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0127972

cve.org (CVE-2025-52633)

nvd.nist.gov (CVE-2025-52633)

Download JSON