HCL AION is affected by a vulnerability where offering images are not digitally signed. Lack of image signing may allow the use of unverified or tampered images, potentially leading to security risks such as integrity compromise or unintended behavior in the system
Weakness
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Related Attack Patterns
References
- https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0129410