CVE-2025-0278

{"id": "CVE-2025-0278", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2025-04-03T22:15:16.563", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120335", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-497"}]}], "descriptions": [{"lang": "en", "value": "HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals internal file paths, in error messages, debug logs, or responses to user requests."}, {"lang": "es", "value": "HCL Traveler se ve afectado por una divulgaci\u00f3n de ruta interna en una aplicaci\u00f3n de Windows cuando la aplicaci\u00f3n revela inadvertidamente rutas de archivos internas, en mensajes de error, registros de depuraci\u00f3n o respuestas a solicitudes de usuario."}], "lastModified": "2025-10-10T16:47:30.307", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:traveler:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88054BA7-F9D1-41E4-AEA8-D362CEB4A4CC", "versionEndIncluding": "14.0.0.1"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}