HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels
The application transmits internal backend service information over unencrypted HTTP connections. This makes it possible for attackers to intercept and view sensitive details about your system architecture or data. Attackers could gain unauthorized access during transmission under certain conditions.
HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions
Organizations using HCL AION face a medium risk of exposing sensitive backend service information to interception due to insecure HTTP transmissions.
Monitor & Review
Low severity — keep this CVE on your radar and patch during routine maintenance.
What should I do?
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
0
Affected Products
1
References
CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
Exploitability
Impact