CVE-2025-55249

{"id": "CVE-2025-55249", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2026-01-19T18:16:04.070", "references": [{"url": "https://support.hcl-software.com/kb_view.do?sys_kb_id=4b92474633de7ad4159a05273e5c7b4b&searchTerm=kb0127995#", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-693"}]}], "descriptions": [{"lang": "en", "value": "HCL AION is affected by a Missing Security Response Headers vulnerability. The absence of standard security headers may weaken the application\u2019s overall security posture and increase its susceptibility to common web-based attacks."}, {"lang": "es", "value": "HCL AION est\u00e1 afectado por una vulnerabilidad de encabezados de respuesta de seguridad faltantes. La ausencia de encabezados de seguridad est\u00e1ndar puede debilitar la postura de seguridad general de la aplicaci\u00f3n y aumentar su susceptibilidad a ataques comunes basados en la web."}], "lastModified": "2026-04-25T18:05:11.263", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:aion:2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEBB7E38-04AE-436B-8F21-65FF3CA3CECC"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}