CVE-2025-0278

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 3, 2025

Updated: Apr 7, 2025

CWE ID 497

Summary

CVE-2025-0278 is a newly disclosed vulnerability that impacts HCL Traveler, a Windows application. The weakness allows for internal path disclosure, meaning that sensitive file paths are exposed unintentionally. This can occur through error messages, debug logs, or user requests, potentially leading to unauthorized access or further exploitation. HCL Traveler users are advised to apply the available patch or update as soon as possible to mitigate the risk. This vulnerability can enable attackers to navigate the system and access sensitive information, posing a significant security threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Traveler

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners