{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-59853","assignerOrgId":"1e47fe04-f25f-42fa-b674-36de2c5e3cfc","state":"PUBLISHED","assignerShortName":"HCL","dateReserved":"2025-09-22T14:59:58.052Z","datePublished":"2026-05-06T10:26:25.727Z","dateUpdated":"2026-05-06T13:02:28.490Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1e47fe04-f25f-42fa-b674-36de2c5e3cfc","shortName":"HCL","dateUpdated":"2026-05-06T10:26:25.727Z"},"title":"HCL DFXAnalytics is affected by an Improper Error Handling vulnerability","datePublic":"2026-05-06T14:30:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-209","description":"CWE-209: Generation of Error Message Containing Sensitive Information","type":"CWE"}]}],"affected":[{"vendor":"HCL","product":"DFXAnalytics","versions":[{"status":"affected","version":"3.1 and below"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations.","supportingMedia":[{"type":"text/html","base64":false,"value":"HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to gain insights into the application's internal structure, code logic, and environment configurations."}]}],"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130569"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE","baseSeverity":"LOW","baseScore":3.1,"vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 1.0.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-05-06T12:29:02.256404Z","id":"CVE-2025-59853","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-06T13:02:28.490Z"}}]}}