Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

IEM

Source -

CNA

CNA CVEs -

5

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
5Vulnerabilities found
CVE-2025-0253
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-2||LOW
EPSS-0.03% / 5.83%
||
7 Day CHG~0.00%
Published-25 Jul, 2025 | 00:16
Updated-25 Jul, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL IEM is affected by a cookie attribute not set vulnerability

HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-IEM
CWE ID-CWE-384
Session Fixation
CVE-2025-0252
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-2.6||LOW
EPSS-0.02% / 2.27%
||
7 Day CHG~0.00%
Published-25 Jul, 2025 | 00:08
Updated-25 Jul, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL IEM is affected by a password in cleartext vulnerability

HCL IEM is affected by a password in cleartext vulnerability.  Sensitive information is transmitted without adequate protection, potentially exposing it to unauthorized access during transit.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-IEM
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2025-0251
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-2.6||LOW
EPSS-0.03% / 6.56%
||
7 Day CHG~0.00%
Published-25 Jul, 2025 | 00:06
Updated-25 Jul, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL IEM is affected by a concurrent login vulnerability

HCL IEM is affected by a concurrent login vulnerability.  The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-IEM
CWE ID-CWE-384
Session Fixation
CVE-2025-0250
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-2.2||LOW
EPSS-0.02% / 2.81%
||
7 Day CHG~0.00%
Published-24 Jul, 2025 | 23:28
Updated-25 Jul, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL IEM is affected by an authorization token sent in cookie vulnerability

HCL IEM is affected by an authorization token sent in cookie vulnerability.  A token used for authentication and authorization is being handled in a manner that may increase its exposure to security risks.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-IEM
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2025-0249
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-3.3||LOW
EPSS-0.03% / 7.71%
||
7 Day CHG~0.00%
Published-24 Jul, 2025 | 23:19
Updated-25 Jul, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability

HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.  A token was not invalidated which may allow attackers to access sensitive data without authorization.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-IEM
CWE ID-CWE-287
Improper Authentication