CVE-2025-52633

{"id": "CVE-2025-52633", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 0.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2026-02-03T19:16:12.827", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127972", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-539"}]}], "descriptions": [{"lang": "en", "value": "HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. It is storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0."}, {"lang": "es", "value": "HCL AION est\u00e1 afectado por una vulnerabilidad de Cookie Permanente que Contiene Informaci\u00f3n Sensible de Sesi\u00f3n. Almacenar datos sensibles de sesi\u00f3n en cookies persistentes puede aumentar el riesgo de acceso no autorizado si las cookies son interceptadas o comprometidas. Este problema afecta a AION: 2.0."}], "lastModified": "2026-04-27T18:34:56.087", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:aion:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEBB7E38-04AE-436B-8F21-65FF3CA3CECC"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}