CVE-2025-31997

HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References (IDOR)

Description

HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References (IDOR). An attacker can bypass authorization and access resources in the system directly, for example database records or files.

INFO

Published Date :

2025-10-12T02:27:25.913Z

Last Modified :

2025-10-14T14:53:48.041Z

Source :

HCL

AFFECTED PRODUCTS

The following products are affected by CVE-2025-31997 vulnerability.

Vendors	Products
Hcltech	Unica Unica Centralized Offer Management

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-31997.

URL	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124422

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact