CVE-2025-0251
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-10-09
Assigner: HCL Software
Description
Description
HCL IEM is affected by a concurrent login vulnerability.Β The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hcltech | intelliops_event_management | 1.2 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-384 | Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in HCL IEM allows multiple concurrent sessions using the same user credentials, meaning a single user account can be logged in from multiple places at the same time. This behavior can introduce security risks.
How can this vulnerability impact me? :
The vulnerability can impact you by increasing security risks, such as unauthorized access or session hijacking, since multiple concurrent sessions with the same credentials are allowed, potentially making it harder to detect misuse or compromise.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70