CVE-2025-31996 MEDIUM

CVE-2025-31996: Unprotected files are impacting HCL Unica Platform

Vendor Hcl Software
Product Unica Platform
Weakness CWE-552 · Files accessible externally
Published October 13, 2025
Last update October 14, 2025

CVSS base score

5.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

HCL Unica Platform is affected by unprotected files due to improper access controls.  These files may contain sensitive information such as private or system information that can be exploited by attackers to compromise the application, infrastructure, or users.

Key dates

02Disclosure timeline

October 13, 2025 CVE published
October 14, 2025 Record updated