Filtered by vendor Hcltech
Subscriptions
Filtered by product Dryice Iautomate
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31954 | 1 Hcltech | 2 Dryice Iautomate, Iautomate | 2025-11-07 | 5.4 Medium |
| HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that request. An attacker could potentially access information or resources they were not intended to see. | ||||
| CVE-2025-31952 | 1 Hcltech | 1 Dryice Iautomate | 2025-10-10 | 7.1 High |
| HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain valid indefinitely unless manually revoked, increasing the risk of unauthorized access. | ||||
| CVE-2025-31953 | 1 Hcltech | 1 Dryice Iautomate | 2025-10-10 | 7.1 High |
| HCL iAutomate includes hardcoded credentials which may result in potential exposure of confidential data if intercepted or accessed by unauthorized parties. | ||||
| CVE-2025-31955 | 1 Hcltech | 1 Dryice Iautomate | 2025-10-10 | 7.6 High |
| HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow unauthorized access to sensitive information within the system. | ||||
| CVE-2024-42207 | 1 Hcltech | 1 Dryice Iautomate | 2025-10-10 | 5.5 Medium |
| HCL iAutomate is affected by a session fixation vulnerability. An attacker could hijack a victim's session ID from their authenticated session. | ||||
| CVE-2023-23347 | 1 Hcltech | 1 Dryice Iautomate | 2024-11-21 | 6.4 Medium |
| HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information. | ||||
Page 1 of 1.