Authorization Token Vulnerability in HCL IEM Software
CVE-2025-0250

2.2LOW

Key Information:

Vendor: HCL Software Software
Status: Iem
Vendor: CVE Published:; 25 July 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2025-0250?

HCL IEM is susceptible to an exposure issue involving the handling of authorization tokens in cookies. This vulnerability potentially compromises the authentication process, increasing the risk of unauthorized access. Proper management of these tokens is critical to safeguarding sensitive information during communication between the client and server. Users are urged to implement recommended security practices to mitigate these risks.

Affected Version(s)

IEM 1.2

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

x_refsource_CONFIRM

CVSS V3.1

Score:

2.2

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Jan 6, 2025