CVE-2025-0278

HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals internal file paths, in error messages, debug logs, or responses to user requests.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120335

Configurations

No configuration.

History

07 Apr 2025, 14:18

Type	Values Removed	Values Added
Summary		(es) HCL Traveler se ve afectado por una divulgación de ruta interna en una aplicación de Windows cuando la aplicación revela inadvertidamente rutas de archivos internas, en mensajes de error, registros de depuración o respuestas a solicitudes de usuario.

03 Apr 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-03 22:15

Updated : 2025-04-07 14:18

NVD link : CVE-2025-0278

Mitre link : CVE-2025-0278

CVE.ORG link : CVE-2025-0278

JSON object : View

Products Affected

No product.

CWE

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

4.3 /10