CVE-2025-31997

HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References (IDOR)

CVSS 4.2 MEDIUMEPSS 0.2%CWE-639

HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References (IDOR). An attacker can bypass authorization and access resources in the system directly, for example database records or files.

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N

Productos afectados

HCL Software · Unica Centralized Offer Management

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124422