{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-52625","assignerOrgId":"1e47fe04-f25f-42fa-b674-36de2c5e3cfc","state":"PUBLISHED","assignerShortName":"HCL","dateReserved":"2025-06-18T14:00:41.703Z","datePublished":"2025-10-10T10:28:53.219Z","dateUpdated":"2025-10-10T15:51:43.666Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"AION","vendor":"HCL","versions":[{"status":"affected","version":"2.0"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A vulnerability&nbsp;\n\nCacheable SSL Page Found vulnerability has been identified\n\n in HCL AION.&nbsp;\n\nCached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser\n\n<p>This issue affects AION: 2.0.</p>"}],"value":"A vulnerability \n\nCacheable SSL Page Found vulnerability has been identified\n\n in HCL AION. \n\nCached data may expose credentials, system identifiers, or internal file paths to attackers with access to the device or browser\n\nThis issue affects AION: 2.0."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":3.7,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-525","description":"CWE-525","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"1e47fe04-f25f-42fa-b674-36de2c5e3cfc","shortName":"HCL","dateUpdated":"2025-10-10T10:28:53.219Z"},"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124444"}],"source":{"discovery":"UNKNOWN"},"title":"HCL AION is susceptible to Cacheable SSL Page Found vulnerability","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-10-10T15:51:19.546453Z","id":"CVE-2025-52625","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-10T15:51:43.666Z"}}]}}