HCL Traveler is affected by sensitive information disclosure_CVE-2026-21783

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and potentially launch targeted attacks.

Basic Information

ID CVE-2026-21783

Source HCL

Published Mar 24, 2026 at 19:48

Modified Mar 24, 2026 at 20:31

Affected Product

Vendor HCLSoftware

Product Traveler

Version < 14.5.1.0

Affected Versions HCLSoftware Traveler < 14.5.1.0

CWE Classification

CWE-209

References

support.hcl-software.com /csm

{
    "lastseen": "",
    "description": "HCL Traveler is affected by sensitive information disclosure.\u00a0 The application generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces.\u00a0 Attackers could exploit this information to gain insights into the system's architecture and potentially launch targeted attacks.",
    "published": "2026-03-24T19:48:39.079Z",
    "modified": "2026-03-24T20:31:43.245Z",
    "type": "cve",
    "title": "HCL Traveler is affected by sensitive information disclosure",
    "source": "HCL",
    "references": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129139",
    "id": "CVE-2026-21783",
    "bulletinFamily": "",
    "cwe": [
        "CWE-209"
    ],
    "cvelist": null,
    "sourceData": "HCLSoftware Traveler < 14.5.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Traveler",
    "version": "< 14.5.1.0",
    "vendor": "HCLSoftware",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}