CVE-2025-0279
Last modified
CVE-2025-0279 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and potentially launch targeted attacks.. EPSS estimates a 0.26% chance of exploitation in the next 30 days.
Description
HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, file names, sensitive tokens, credentials, error codes, or stack traces. Attackers could exploit this information to gain insights into the system's architecture and potentially launch targeted attacks.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hcltech | Traveler | <= 14.0.0.1 |
References
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-0279?
How severe is CVE-2025-0279?
How do I fix CVE-2025-0279?
Are you affected by CVE-2025-0279?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST