CVE-2025-52638— HCL AION 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2025-52638の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Multiple security vulnerabilities affect HCL AION
ソース: NVD (National Vulnerability Database)
脆弱性説明
HCL AION is affected by a vulnerability where generated containers may execute binaries with root-level privileges. Running containers with root privileges may increase the potential security risk, as it grants elevated permissions within the container environment. Aligning container configurations with security best practices requires minimizing privileges and avoiding root-level execution wherever possible.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
HCL AION 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
HCL AION是印度HCL公司的一款AI生命周期管理平台。 HCL AION存在安全漏洞,该漏洞源于容器基础镜像未正确认证,可能导致使用不受信任的容器镜像。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2025-52638の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2025-52638のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · HCL · 2026-03-16 · 11 CVEs total
| CVE-2025-62319 | 9.8 CRITICAL | Boolean-Based SQL Injection in Multiple Unica Components |
| CVE-2025-52644 | 5.8 MEDIUM | HCL AION is affected by a vulnerability where certain user actions are not adequately audi |
| CVE-2025-52648 | 4.8 MEDIUM | HCL AION 安全漏洞 |
| CVE-2025-52643 | 4.7 MEDIUM | HCL AION is affected by a vulnerability where untrusted file parsing operations are not ex |
| CVE-2025-52637 | 4.5 MEDIUM | Multiple security vulnerabilities affect HCL AION |
| CVE-2025-52642 | 3.3 LOW | HCL AION is affected by an internal filesystem paths disloser vulnerability |
| CVE-2025-52646 | 2.2 LOW | HCL AION is affected by a vulnerability where certain offering configurations may permit e |
| CVE-2025-52645 | 1.9 LOW | HCL AION is affected by a vulnerability where model packaging and distribution mechanisms |
| CVE-2025-52649 | 1.8 LOW | HCL AION is affected by a vulnerability where certain identifiers may be predictable in na |
| CVE-2025-52636 | 1.8 LOW | HCL AION is affected by a improper handling of uploads files Size |
IV. 関連脆弱性
同じ製品: AION
- CVE-2025-52641
Internal Filesystem Exploration vulnerability - CVE-2025-52642
HCL AION is affected by an internal filesystem paths dislose - CVE-2025-52646
HCL AION is affected by a vulnerability where certain offeri - CVE-2025-52645
HCL AION is affected by a vulnerability where model packagin - CVE-2025-52649
HCL AION is affected by a vulnerability where certain identi
同じベンダー: HCL
- CVE-2024-30151
HCL BigFix Service Management (SM) is susceptible to Broken - CVE-2025-31960
HCL BigFix Service Management (SM) is vulnerable to informat - CVE-2025-31975
HCL BigFix Service Management (SM) is affected by an Informa - CVE-2025-52613
HCL BigFix Service Management (SM) is affected by use of a v - CVE-2025-31984
HCL BigFix Service Management (SM) is affected by a security
V. CVE-2025-52638へのコメント
まだコメントはありません