CVE-2025-0251

HCL IEM is affected by a concurrent login vulnerability. The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks.

CVSS v3 2.6 LOW

2.6^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hcltech:intelliops_event_management:1.2:*:*:*:*:*:*:*

History

09 Oct 2025, 19:55

Type	Values Removed	Values Added
Summary		(es) HCL IEM se ve afectado por una vulnerabilidad de inicio de sesión simultáneo. La aplicación permite múltiples sesiones simultáneas con las mismas credenciales de usuario, lo que puede suponer riesgos de seguridad.
References	~~() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368 -~~	() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0122368 - Vendor Advisory
First Time		Hcltech Hcltech intelliops Event Management
CPE		cpe:2.3:a:hcltech:intelliops_event_management:1.2:::::::*

25 Jul 2025, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-25 01:15

Updated : 2025-10-09 19:55

NVD link : CVE-2025-0251

Mitre link : CVE-2025-0251

CVE.ORG link : CVE-2025-0251

JSON object : View

Products Affected

hcltech

intelliops_event_management

CWE

CWE-384

Session Fixation

2.6 /10