CVE-2025-31961

Опубликовано: 15 авг. 2025

Источник: nvd

CVSS3: 3.7

CVSS3: 4.6

EPSS Низкий

Описание

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.

Ссылки

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123268
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hcltech:connections:8.0:-:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release1:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release10:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release2:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release3:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release4:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release5:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release6:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release7:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release8:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release9:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00027

Низкий

3.7 Low

CVSS3

4.6 Medium

CVSS3

Дефекты

CWE-1220

Связанные уязвимости

GHSA-7qhv-fqv8-j7x8

CVSS3: 3.7

github

6 месяцев назад

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.

EPSS

Процентиль: 7%

0.00027

Низкий

3.7 Low

CVSS3

4.6 Medium

CVSS3

Дефекты

CWE-1220