HCL AION is affected by a vulnerability where internal filesystem paths may be exposed through application responses or system behaviour. Exposure of internal paths may reveal environment structure details which could potentially aid in further targeted attacks or information disclosure.
Weakness
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.
Potential Mitigations
Related Attack Patterns
References
- https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0129410