CVE-2025-0253
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-25
Last updated on: 2025-10-09
Assigner: HCL Software
Description
Description
HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hcltech | intelliops_event_management | 1.2 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-384 | Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in HCL IEM is due to a cookie attribute not being set properly because of inconsistent security-related configurations. This could potentially increase exposure to other vulnerabilities by making cookies less secure.
How can this vulnerability impact me? :
The vulnerability could increase the risk of security issues related to cookies, such as unauthorized access or session hijacking, although the overall impact is low as indicated by the CVSS score.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70