Password Exposure Risk in HCL IEM Software by HCL Technologies
CVE-2025-0252

2.6LOW

Key Information:

Vendor: HCL Software Software
Status: Iem
Vendor: CVE Published:; 25 July 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2025-0252?

HCL IEM software from HCL Technologies has a vulnerability that allows sensitive information, such as passwords, to be transmitted in cleartext. This lack of adequate protection during data transmission raises significant security concerns, as it makes the data susceptible to unauthorized access. Organizations using HCL IEM should take immediate measures to secure their data transmissions and ensure that sensitive information is encrypted to prevent exploitation.

Affected Version(s)

IEM 1.2

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

x_refsource_CONFIRM

CVSS V3.1

Score:

2.6

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025