Hardcoded Credential Vulnerability in HCL iAutomate
CVE-2025-31953

7.1HIGH

Key Information:

Vendor: HCL Software Software
Status: Iautomate
Vendor: CVE Published:; 24 July 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2025-31953?

HCL iAutomate contains hardcoded credentials that can lead to unauthorized access and potential exposure of sensitive information. If these credentials are intercepted by malicious actors, the integrity and confidentiality of user data may be compromised. Organizations utilizing HCL iAutomate are advised to review their security configurations and implement best practices to mitigate the risks associated with this vulnerability.

Affected Version(s)

iAutomate 6.5.1

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 24, 2025
Vulnerability Reserved
Apr 1, 2025