CVE-2025-0249
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-10-09
Assigner: HCL Software
Description
Description
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.Β A token was not invalidated which may allow attackers to access sensitive data without authorization.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hcltech | intelliops_event_management | 1.2 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in HCL IEM involves improper invalidation of access or JWT tokens, meaning that a token was not properly invalidated. As a result, attackers may be able to use these tokens to access sensitive data without proper authorization.
How can this vulnerability impact me? :
The vulnerability can allow attackers to gain unauthorized access to sensitive data by exploiting tokens that were not invalidated properly, potentially leading to data exposure or unauthorized actions within the affected system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70