CVE-2025-52616

5.3 MEDIUM

📋 TL;DR

HCL Unica 12.1.10 discloses sensitive system information that an attacker can use to plan targeted follow-on attacks. Every installation of 12.1.10 that has not received the vendor fix is affected.

💻 Affected Systems

Products:
  • HCL Unica
Versions: 12.1.10
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of HCL Unica 12.1.10 are affected by default.

📦 What is this software?

HCL Unica is HCL Software's enterprise marketing automation and campaign management suite (formerly IBM Unica).

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers obtain detailed system information that enables targeted exploitation of other vulnerabilities, potentially leading to full system compromise.

🟠 Likely Case

The disclosed information helps attackers map the environment and plan subsequent attacks, raising overall risk.

🟢 If Mitigated

Exposure is limited by proper network segmentation and access controls, but the information is still disclosed to anyone who can reach the endpoint.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No
Complexity: MEDIUM

Exploitation requires familiarity with the application and the ability to reach the endpoint that discloses the information.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply the fix from HCL support article KB0124230

Vendor Advisory: https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124230

Restart Required: No

Instructions:

1. Access the HCL support portal.
2. Download the fix for KB0124230.
3. Apply the fix according to HCL documentation.
4. Verify the fix is applied.

🔧 Temporary Workarounds

Network Access Restriction (applies to: all)

Restrict network access to HCL Unica to trusted IP addresses only.

Authentication Enforcement (applies to: all)

Ensure all access to the application requires proper authentication.

🧯 If You Can't Patch

  • Implement strict network segmentation and firewall rules to limit access
  • Monitor access logs for unusual information requests and implement alerting

🔍 How to Verify

Check if Vulnerable:

Confirm that the installed HCL Unica version is 12.1.10 and that the fix from KB0124230 has not yet been applied; any such installation is affected in its default configuration.

Check Version:

Read the version from the HCL Unica administration console or from the installation's configuration files.

Verify Fix Applied:

Confirm that the fix from KB0124230 is installed, then re-test that the previously exposed system information is no longer returned.

📡 Detection & Monitoring

Log Indicators:

  • Unusual requests for system information endpoints
  • Multiple failed authentication attempts followed by information requests

Network Indicators:

  • Traffic patterns showing enumeration of system information endpoints

SIEM Query:

source="hcl-unica" AND (uri="*system*" OR uri="*info*" OR uri="*config*") AND status=200

The wildcard terms are deliberately broad and will also match legitimate traffic; baseline normal request volume to these paths before alerting on them, and adjust the source name to match how your Unica logs are onboarded.
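The two log indicators above can be checked outside a SIEM as well. The script below is an added example for this advisory, not HCL's code and not part of KB0124230. It assumes Common Log Format access-log lines from a reverse proxy in front of Unica, takes the sensitive-endpoint substrings (system, info, config) from the SIEM query above, and treats any path containing "login" with a 401 or 403 as a failed login; the /app/... paths, the five-minute window and the threshold of three distinct endpoints are assumptions, and the log lines are constructed.

```python
"""Flag the two log indicators listed in this advisory in web access logs.

Added example; not HCL code. Assumptions: Common Log Format lines from a
reverse proxy in front of HCL Unica, sensitive-endpoint substrings taken
from the advisory's SIEM query (system, info, config), a login path that
contains "login", a 5-minute window and a threshold of 3 distinct endpoints.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) \S+" '
    r'(?P<status>\d{3}) \S+'
)
SENSITIVE = ("system", "info", "config")   # mirrors uri="*system*" OR ... in the SIEM query
WINDOW = timedelta(minutes=5)              # assumption: tune to your traffic
THRESHOLD = 3                              # distinct sensitive endpoints per client in WINDOW

# Constructed sample log; the /app/... paths are placeholders, not real Unica routes.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Jun/2025:10:00:01 +0000] "POST /app/login HTTP/1.1" 401 512',
    '10.0.0.5 - - [12/Jun/2025:10:00:04 +0000] "POST /app/login HTTP/1.1" 401 512',
    '10.0.0.5 - - [12/Jun/2025:10:00:09 +0000] "GET /app/systeminfo HTTP/1.1" 200 2048',
    '10.0.0.5 - - [12/Jun/2025:10:00:12 +0000] "GET /app/config/export?full=1 HTTP/1.1" 200 4096',
    '10.0.0.5 - - [12/Jun/2025:10:00:15 +0000] "GET /app/info HTTP/1.1" 200 1024',
    '10.0.0.9 - - [12/Jun/2025:10:01:00 +0000] "GET /app/campaigns HTTP/1.1" 200 8192',
    '10.0.0.9 - - [12/Jun/2025:10:01:30 +0000] "GET /app/systeminfo HTTP/1.1" 200 2048',
    '10.0.0.7 - - [12/Jun/2025:10:02:00 +0000] "GET /app/config HTTP/1.1" 403 128',
    'not a log line',
]


def parse(line):
    """Parse one CLF line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "path": m["uri"].split("?", 1)[0].lower(),   # drop the query string
        "status": int(m["status"]),
    }


def events(lines):
    """Parsed events in time order; unparseable lines are skipped."""
    return sorted(filter(None, map(parse, lines)), key=lambda e: e["ts"])


def is_sensitive(path):
    return any(s in path for s in SENSITIVE)


def find_enumeration(lines):
    """Indicator 1: a client receives HTTP 200 on THRESHOLD or more distinct
    sensitive endpoints within WINDOW. Returns {ip: sorted endpoint list}."""
    per_ip = defaultdict(list)
    for e in events(lines):
        if e["status"] == 200 and is_sensitive(e["path"]):
            per_ip[e["ip"]].append(e)
    flagged = {}
    for ip, evs in per_ip.items():
        for i, start in enumerate(evs):
            in_window = {e["path"] for e in evs[i:] if e["ts"] - start["ts"] <= WINDOW}
            if len(in_window) >= THRESHOLD:
                flagged[ip] = sorted(in_window)
                break
    return flagged


def find_auth_then_probe(lines, min_failures=1):
    """Indicator 2: failed logins (401/403 on a login path) from a client that
    later gets HTTP 200 on a sensitive endpoint. Returns {ip: failures before
    the first such probe}."""
    failures = defaultdict(int)
    flagged = {}
    for e in events(lines):
        ip = e["ip"]
        if ip in flagged:
            continue
        if "login" in e["path"] and e["status"] in (401, 403):
            failures[ip] += 1
        elif e["status"] == 200 and is_sensitive(e["path"]) and failures[ip] >= min_failures:
            flagged[ip] = failures[ip]
    return flagged


if __name__ == "__main__":
    print("enumeration:", find_enumeration(SAMPLE_LOG))
    print("auth-then-probe:", find_auth_then_probe(SAMPLE_LOG))
```

On the constructed sample, only 10.0.0.5 is flagged by both checks: it collects three distinct sensitive endpoints inside the window and does so right after two failed logins, while 10.0.0.9 touches a single sensitive path and 10.0.0.7 is refused with a 403. The substring match on "info" is as noisy as the SIEM query's wildcard, so expect to narrow SENSITIVE to the paths your deployment actually serves before alerting on this.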
