Home

Description

A Cross-Site Request Forgery (CSRF) vulnerability was identified in HCL Glovius Cloud. An attacker can force a user's web browser to execute an unwanted, malicious action on a trusted site where the user is authenticated, specifically on one endpoint.

PUBLISHED Reserved 2025-10-10 | Published 2025-11-20 | Updated 2025-11-20 | Assigner HCL




MEDIUM: 6.8CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-352 Cross-Site Request Forgery (CSRF)

Product status

Default status
unaffected

<=S05.25
affected

Credits

Md. Asif Hossain finder

References

support.hcl-software.com/...rticle&sysparm_article=KB0126459

cve.org (CVE-2025-62346)

nvd.nist.gov (CVE-2025-62346)

Download JSON