CVE-2025-62319

{"id": "CVE-2025-62319", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2026-03-16T16:16:13.167", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410", "tags": ["Not Applicable"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Boolean-Based SQL Injection is a type of blind SQL injection where an attacker manipulates SQL queries by injecting Boolean conditions (TRUE or FALSE) into application input fields. Instead of returning database errors or visible data, the application responds differently depending on whether the injected condition evaluates to true or false. This allows an attacker to inject arbitrary SQL into backend configuration queries executed within the application."}, {"lang": "es", "value": "La Inyecci\u00f3n SQL Basada en Booleanos es un tipo de inyecci\u00f3n SQL ciega donde un atacante manipula consultas SQL inyectando condiciones booleanas (VERDADERO o FALSO) en campos de entrada de la aplicaci\u00f3n. En lugar de devolver errores de la base de datos o datos visibles, la aplicaci\u00f3n responde de manera diferente dependiendo de si la condici\u00f3n inyectada se eval\u00faa como verdadera o falsa. Esto permite a un atacante inyectar SQL arbitrario en consultas de configuraci\u00f3n de backend ejecutadas dentro de la aplicaci\u00f3n."}], "lastModified": "2026-06-05T18:57:31.510", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:unica:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62F6C9EE-1E48-4706-AE2F-BDF3C91ED09B", "versionEndExcluding": "25.1.1.0.1"}, {"criteria": "cpe:2.3:a:hcltech:unica_audience_central:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEB22408-2278-4A8B-9C5E-D7F2995B3CED", "versionEndExcluding": "25.1.1.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}