CVE-2025-0249

EPSS 0.06%
Veröffentlicht 25.07.2025 00:15:24
Zuletzt bearbeitet 09.10.2025 19:55:41
Quelle psirt@hcl.com
CVE-Watchlists
Login
Unerledigt
Login

HCL IEM is affected by an improper invalidation of access or JWT token vulnerability

HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.  A token was not invalidated which may allow attackers to access sensitive data without authorization.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hcltech ≫ Intelliops Event Management Version1.2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.175

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
psirt@hcl.com	3.3	0.7	2.5	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-0249

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-0249

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-0249

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-0249