CVE-2025-31961
LOWDescription
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-31961? +
How severe is CVE-2025-31961? +
What products are affected by CVE-2025-31961? +
How do I check if I'm vulnerable to CVE-2025-31961? +
Related Vulnerabilities
Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially …
A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain …
Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application …
This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS …
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through …
A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate …