IEM
by HCL Software
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-0253 | 0.00 | — | 0.00 | Jul 25, 2025 | HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities. | |||
| CVE-2025-0252 | 0.00 | — | 0.00 | Jul 25, 2025 | HCL IEM is affected by a password in cleartext vulnerability. Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit. | |||
| CVE-2025-0251 | 0.00 | — | 0.00 | Jul 25, 2025 | HCL IEM is affected by a concurrent login vulnerability. The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks. | |||
| CVE-2025-0250 | 0.00 | — | 0.00 | Jul 24, 2025 | HCL IEM is affected by an authorization token sent in cookie vulnerability. A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks. | |||
| CVE-2025-0249 | 0.00 | — | 0.00 | Jul 24, 2025 | HCL IEM is affected by an improper invalidation of access or JWT token vulnerability. A token was not invalidated which may allow attackers to access sensitive data without authorization. |
- CVE-2025-0253Jul 25, 2025risk 0.00cvss —epss 0.00
HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.
- CVE-2025-0252Jul 25, 2025risk 0.00cvss —epss 0.00
HCL IEM is affected by a password in cleartext vulnerability. Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit.
- CVE-2025-0251Jul 25, 2025risk 0.00cvss —epss 0.00
HCL IEM is affected by a concurrent login vulnerability. The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks.
- CVE-2025-0250Jul 24, 2025risk 0.00cvss —epss 0.00
HCL IEM is affected by an authorization token sent in cookie vulnerability. A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks.
- CVE-2025-0249Jul 24, 2025risk 0.00cvss —epss 0.00
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability. A token was not invalidated which may allow attackers to access sensitive data without authorization.