CVE-2025-52625 LOW

CVE-2025-52625: HCL AION is susceptible to Cacheable SSL Page Found vulnerability

Vendor Hcl
Product AION
Weakness CWE-525
Published October 10, 2025
Last update October 10, 2025

CVSS base score

3.7/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

A vulnerability  Cacheable SSL Page Found vulnerability has been identified in HCL AION.  Cached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser This issue affects AION: 2.0.

Key dates

02Disclosure timeline

October 10, 2025 CVE published
October 10, 2025 Record updated