CVE-2025-55251
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-19
Last updated on: 2026-04-25
Assigner: HCL Software
Description
Description
HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hcltech | aion | 2.0.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in HCL AION is an Unrestricted File Upload issue, which means attackers can upload malicious files without proper restrictions. This can lead to unauthorized code execution or compromise of the system.
How can this vulnerability impact me? :
The impact of this vulnerability includes potential unauthorized code execution and system compromise, which could allow attackers to take control of the affected system or disrupt its normal operation.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70