CVE-2025-0279

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Apr 3, 2025

Updated: Apr 7, 2025

CWE ID 209

Summary

CVE-2025-0279 refers to a vulnerability in HCL Traveler where error messages contain sensitive information. These messages disclose internal paths, file names, error codes, and potentially credentials or stack traces. An attacker could exploit this information to gain insights into the system's architecture and launch targeted attacks. This vulnerability poses a significant risk if not addressed promptly, as the leaked details could be used to plan and execute more sophisticated attacks. It is essential for organizations using HCL Traveler to apply the necessary patches or mitigations to prevent the exposure of sensitive information through error messages.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Traveler

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners