CVE-2025-52644 MEDIUM

CVE-2025-52644: HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged.

Vendor Hcl
Product AION
Published March 16, 2026
Last update March 16, 2026

CVSS base score

5.8/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

What the vulnerability does

01Description

HCL AION is affected by a vulnerability where certain user actions are not adequately audited or logged. The absence of proper auditing mechanisms may reduce traceability of user activities and could potentially impact monitoring, accountability, or incident investigation processes.

Key dates

02Disclosure timeline

March 16, 2026 CVE published
March 16, 2026 Record updated