Description
HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information. An attacker can exploit use this information to exploit known vulnerabilities launch targeted attacks, such as remote code execution or denial of service.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
- Attack Vector
- network
- Complexity
- low
- Privileges
- low
- User Action
- required
- Scope
- unchanged
- Confidentiality
- low
- Integrity
- none
- Availability
- none
- Weaknesses
- CWE-209CWE-703
Metadata
- Primary Vendor
- HCLTECH
- Published
- 10/12/2025
- Last Modified
- 10/29/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
hcltech : unica_centralized_offer_management
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.