Unrated severityNVD Advisory· Published Oct 21, 2025· Updated Oct 21, 2025

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute

CVE-2025-12031

Description

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Affected products

Azure Access Technology/Blu Ic4v5
Range: 0
Azure Access Technology/Blu Ic2v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

azure-access.com/security-advisoriesmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000