HCL Unica MaxAI Workbench is vulnerable to improper input validation

3.5 / 10

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Description

HCL Unica MaxAI Workbench is vulnerable to improper input validation. This allows attackers to exploit vulnerabilities such as SQL Injection, XSS, or command injection, leading to unauthorized access or data breaches, etc.

Basic Information

ID CVE-2025-31995

Source HCL

Published Oct 13, 2025 at 04:58

Affected Product

Vendor HCL Software

Product MaxAI Workbench

Version v12.1.10 - v25.1

Affected Versions HCL Software MaxAI Workbench v12.1.10 - v25.1

CWE Classification

CWE-20

References

support.hcl-software.com /csm

{
    "lastseen": "",
    "description": "HCL Unica MaxAI Workbench is vulnerable to improper input validation.  This allows attackers to exploit vulnerabilities such as SQL Injection, XSS, or command injection, leading to unauthorized access or data breaches, etc.",
    "published": "2025-10-13T04:58:20.465Z",
    "modified": "2025-10-13T04:58:20.465Z",
    "type": "cve",
    "title": "HCL Unica MaxAI Workbench is vulnerable to improper input validation",
    "source": "HCL",
    "references": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124425",
    "id": "CVE-2025-31995",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "HCL Software MaxAI Workbench v12.1.10 - v25.1",
    "sourceHref": "",
    "cvss": {
        "score": 3.5,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MaxAI Workbench",
    "version": "v12.1.10 - v25.1",
    "vendor": "HCL Software",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

HCL Unica MaxAI Workbench is vulnerable to improper input validation_CVE-2025-31995