HCL Unica Centralized Offer Management is vulnerable to poor unhandled...

3.5 / 10

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

Description

HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information. An attacker can exploit use this information to exploit known vulnerabilities launch targeted attacks, such as remote code execution or denial of service.

Basic Information

ID CVE-2025-31998

Source HCL

Published Oct 12, 2025 at 02:41

Affected Product

Vendor HCL Software

Product Unica Centralized Offer Management

Version <=25.1

Affected Versions HCL Software Unica Centralized Offer Management <=25.1

CWE Classification

CWE-703 CWE-209

References

support.hcl-software.com /csm

{
    "lastseen": "",
    "description": "HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information.  An attacker can exploit use this information to exploit known vulnerabilities launch targeted attacks, such as remote code execution or denial of service.",
    "published": "2025-10-12T02:41:16.694Z",
    "modified": "2025-10-12T02:41:16.694Z",
    "type": "cve",
    "title": "HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information",
    "source": "HCL",
    "references": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124422",
    "id": "CVE-2025-31998",
    "bulletinFamily": "",
    "cwe": [
        "CWE-703",
        "CWE-209"
    ],
    "cvelist": null,
    "sourceData": "HCL Software Unica Centralized Offer Management <=25.1",
    "sourceHref": "",
    "cvss": {
        "score": 3.5,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Unica Centralized Offer Management",
    "version": "<=25.1",
    "vendor": "HCL Software",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information_CVE-2025-31998