Search criteria
10 vulnerabilities found for intelliops_event_management by hcltech
CVE-2025-0253 (GCVE-0-2025-0253)
Vulnerability from nvd – Published: 2025-07-25 00:16 – Updated: 2025-07-25 13:18
VLAI
Title
HCL IEM is affected by a cookie attribute not set vulnerability
Summary
HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.
Severity
CWE
- CWE-384 - Session Fixation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0253",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:18:25.012399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:18:29.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.\u003cbr\u003e"
}
],
"value": "HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:16:19.560Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL IEM is affected by a cookie attribute not set vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0253",
"datePublished": "2025-07-25T00:16:19.560Z",
"dateReserved": "2025-01-06T16:00:28.871Z",
"dateUpdated": "2025-07-25T13:18:29.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0252 (GCVE-0-2025-0252)
Vulnerability from nvd – Published: 2025-07-25 00:08 – Updated: 2025-07-25 13:19
VLAI
Title
HCL IEM is affected by a password in cleartext vulnerability
Summary
HCL IEM is affected by a password in cleartext vulnerability. Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit.
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:18:50.215903Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:19:00.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by a password in cleartext vulnerability.\u0026nbsp; Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit."
}
],
"value": "HCL IEM is affected by a password in cleartext vulnerability.\u00a0 Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:19:29.552Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by a password in cleartext vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0252",
"datePublished": "2025-07-25T00:08:13.901Z",
"dateReserved": "2025-01-06T16:00:27.548Z",
"dateUpdated": "2025-07-25T13:19:00.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0251 (GCVE-0-2025-0251)
Vulnerability from nvd – Published: 2025-07-25 00:06 – Updated: 2025-07-25 13:20
VLAI
Title
HCL IEM is affected by a concurrent login vulnerability
Summary
HCL IEM is affected by a concurrent login vulnerability. The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks.
Severity
CWE
- CWE-384 - Session Fixation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:20:06.213346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:20:11.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by a concurrent login vulnerability.\u0026nbsp; The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks."
}
],
"value": "HCL IEM is affected by a concurrent login vulnerability.\u00a0 The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:20:54.150Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by a concurrent login vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0251",
"datePublished": "2025-07-25T00:06:08.416Z",
"dateReserved": "2025-01-06T16:00:26.083Z",
"dateUpdated": "2025-07-25T13:20:11.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0250 (GCVE-0-2025-0250)
Vulnerability from nvd – Published: 2025-07-24 23:28 – Updated: 2025-07-25 13:28
VLAI
Title
HCL IEM is affected by an authorization token sent in cookie vulnerability
Summary
HCL IEM is affected by an authorization token sent in cookie vulnerability. A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks.
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0250",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:27:53.816295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:28:04.704Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by an authorization token sent in cookie vulnerability.\u0026nbsp; A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks."
}
],
"value": "HCL IEM is affected by an authorization token sent in cookie vulnerability.\u00a0 A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:36:16.177Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by an authorization token sent in cookie vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0250",
"datePublished": "2025-07-24T23:28:00.736Z",
"dateReserved": "2025-01-06T16:00:24.479Z",
"dateUpdated": "2025-07-25T13:28:04.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0249 (GCVE-0-2025-0249)
Vulnerability from nvd – Published: 2025-07-24 23:19 – Updated: 2025-07-25 13:28
VLAI
Title
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability
Summary
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability. A token was not invalidated which may allow attackers to access sensitive data without authorization.
Severity
CWE
- CWE-287 - Improper Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0249",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:28:18.569064Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:28:25.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.\u0026nbsp; A token was not invalidated which may allow attackers to access sensitive data without authorization."
}
],
"value": "HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.\u00a0 A token was not invalidated which may allow attackers to access sensitive data without authorization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:37:41.426Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by an improper invalidation of access or JWT token vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0249",
"datePublished": "2025-07-24T23:19:20.328Z",
"dateReserved": "2025-01-06T16:00:15.888Z",
"dateUpdated": "2025-07-25T13:28:25.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0253 (GCVE-0-2025-0253)
Vulnerability from cvelistv5 – Published: 2025-07-25 00:16 – Updated: 2025-07-25 13:18
VLAI
Title
HCL IEM is affected by a cookie attribute not set vulnerability
Summary
HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.
Severity
CWE
- CWE-384 - Session Fixation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0253",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:18:25.012399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:18:29.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.\u003cbr\u003e"
}
],
"value": "HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:16:19.560Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL IEM is affected by a cookie attribute not set vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0253",
"datePublished": "2025-07-25T00:16:19.560Z",
"dateReserved": "2025-01-06T16:00:28.871Z",
"dateUpdated": "2025-07-25T13:18:29.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0252 (GCVE-0-2025-0252)
Vulnerability from cvelistv5 – Published: 2025-07-25 00:08 – Updated: 2025-07-25 13:19
VLAI
Title
HCL IEM is affected by a password in cleartext vulnerability
Summary
HCL IEM is affected by a password in cleartext vulnerability. Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit.
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0252",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:18:50.215903Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:19:00.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by a password in cleartext vulnerability.\u0026nbsp; Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit."
}
],
"value": "HCL IEM is affected by a password in cleartext vulnerability.\u00a0 Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:19:29.552Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by a password in cleartext vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0252",
"datePublished": "2025-07-25T00:08:13.901Z",
"dateReserved": "2025-01-06T16:00:27.548Z",
"dateUpdated": "2025-07-25T13:19:00.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0251 (GCVE-0-2025-0251)
Vulnerability from cvelistv5 – Published: 2025-07-25 00:06 – Updated: 2025-07-25 13:20
VLAI
Title
HCL IEM is affected by a concurrent login vulnerability
Summary
HCL IEM is affected by a concurrent login vulnerability. The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks.
Severity
CWE
- CWE-384 - Session Fixation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:20:06.213346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:20:11.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by a concurrent login vulnerability.\u0026nbsp; The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks."
}
],
"value": "HCL IEM is affected by a concurrent login vulnerability.\u00a0 The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:20:54.150Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by a concurrent login vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0251",
"datePublished": "2025-07-25T00:06:08.416Z",
"dateReserved": "2025-01-06T16:00:26.083Z",
"dateUpdated": "2025-07-25T13:20:11.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0250 (GCVE-0-2025-0250)
Vulnerability from cvelistv5 – Published: 2025-07-24 23:28 – Updated: 2025-07-25 13:28
VLAI
Title
HCL IEM is affected by an authorization token sent in cookie vulnerability
Summary
HCL IEM is affected by an authorization token sent in cookie vulnerability. A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks.
Severity
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0250",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:27:53.816295Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:28:04.704Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by an authorization token sent in cookie vulnerability.\u0026nbsp; A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks."
}
],
"value": "HCL IEM is affected by an authorization token sent in cookie vulnerability.\u00a0 A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:36:16.177Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by an authorization token sent in cookie vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0250",
"datePublished": "2025-07-24T23:28:00.736Z",
"dateReserved": "2025-01-06T16:00:24.479Z",
"dateUpdated": "2025-07-25T13:28:04.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0249 (GCVE-0-2025-0249)
Vulnerability from cvelistv5 – Published: 2025-07-24 23:19 – Updated: 2025-07-25 13:28
VLAI
Title
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability
Summary
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability. A token was not invalidated which may allow attackers to access sensitive data without authorization.
Severity
CWE
- CWE-287 - Improper Authentication
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
Date Public
2025-07-24 23:15
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0249",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:28:18.569064Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:28:25.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.\u0026nbsp; A token was not invalidated which may allow attackers to access sensitive data without authorization."
}
],
"value": "HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.\u00a0 A token was not invalidated which may allow attackers to access sensitive data without authorization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:37:41.426Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by an improper invalidation of access or JWT token vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0249",
"datePublished": "2025-07-24T23:19:20.328Z",
"dateReserved": "2025-01-06T16:00:15.888Z",
"dateUpdated": "2025-07-25T13:28:25.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}