CVE-2025-0252
- EPSS 0.03%
- Veröffentlicht 25.07.2025 01:15:45
- Zuletzt bearbeitet 09.10.2025 19:55:25
HCL IEM is affected by a password in cleartext vulnerability. Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit.
CVE-2025-0253
- EPSS 0.05%
- Veröffentlicht 25.07.2025 01:15:45
- Zuletzt bearbeitet 09.10.2025 19:49:08
HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.
CVE-2025-0251
- EPSS 0.05%
- Veröffentlicht 25.07.2025 01:15:44
- Zuletzt bearbeitet 09.10.2025 19:55:49
HCL IEM is affected by a concurrent login vulnerability. The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks.
CVE-2025-0249
- EPSS 0.05%
- Veröffentlicht 25.07.2025 00:15:24
- Zuletzt bearbeitet 09.10.2025 19:55:41
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability. A token was not invalidated which may allow attackers to access sensitive data without authorization.
CVE-2025-0250
- EPSS 0.02%
- Veröffentlicht 25.07.2025 00:15:24
- Zuletzt bearbeitet 09.10.2025 19:55:34
HCL IEM is affected by an authorization token sent in cookie vulnerability. A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks.