CVE-2025-62312
published 2026-05-14CVE-2025-62312: HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose…
PriorityP413low3CVSS 3.1
AVAACLPRLUIRSUCLINAN
EPSS
0.14%
3.5th percentile
HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse, especially if not combined with secure transmission practices.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hcl | aion | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
HCL AION 2.1.0 insufficiently protected credentials (KB0130636)
vuldb·2026-05-14·CVSS 3.0
CVE-2025-62312 [LOW] HCL AION 2.1.0 insufficiently protected credentials (KB0130636)
A vulnerability categorized as problematic has been discovered in HCL AION 2.1.0. This affects an unknown function. Executing a manipulation can lead to insufficiently protected credentials.
This vulnerability is registered as CVE-2025-62312. It is possible to launch the attack remotely. No exploit is available.
GHSA
GHSA-6326-6jqq-gxgp: HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication
ghsa_unreviewed·2026-05-14
CVE-2025-62312 [LOW] CWE-522 GHSA-6326-6jqq-gxgp: HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication
HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse, especially if not combined with secure transmission practices.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-14
Published