Lucene search
+L
HcltechIcontrol

6 matches found

CVE
CVE
added 2026/06/04 11:49 a.m.31 views

CVE-2025-52608

The CVE-2025-52608 entry concerns HCL iControl with Missing Cookie Attributes: cookies lack Secure and SameSite flags and have root path. Affected component is the web application’s session cookies; root path configuration and missing security attributes are cited as the underlying issue. The pro...

4.3CVSS5.8AI score0.00098EPSS
CVE
CVE
added 2026/06/04 11:41 a.m.24 views

CVE-2025-52611

CVE-2025-52611 concerns HCL iControl v4.0.0, where an unhandled exception leads to stack trace disclosure. The root cause is described as accessing an undefined object’s property, specifically the dashboard key, within the application's JavaScript code. This missing/improperly initialized object ...

4.3CVSS5.9AI score0.00157EPSS
CVE
CVE
added 2026/06/17 12:17 p.m.24 views

CVE-2025-62340

HCL iControl is affected by CVE-2025-62340 (Inadequate Session Timeout). The vulnerability is a failure of the web application to automatically terminate user sessions after a period of inactivity. According to the provided sources, the affected product is HCL iControl, with impact described as C...

5.3CVSS5.2AI score0.00204EPSS
CVE
CVE
added 2026/06/04 11:42 a.m.20 views

CVE-2025-52609

Technical details about CVE-2025-52609 are not publicly available in the provided documents. Monitor for updates from vendors and advisories; current descriptions indicate a Missing Security Headers/XSS issue but no concrete affected versions or fixes.

5.3CVSS5.6AI score0.00161EPSS
CVE
CVE
added 2026/06/04 11:40 a.m.19 views

CVE-2025-52612

CVE-2025-52612 affects HCL iControl. The vulnerability is described as a CSV export injection that enables reflected cross-site scripting due to insufficient input parameter sanitization. The CVSS 3.1 vector (AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) indicates high impact across confidentiality, integ...

8.8CVSS5.6AI score0.00199EPSS
CVE
CVE
added 2026/06/04 11:56 a.m.18 views

CVE-2025-52606

Technical details about CVE-2025-52606 are not publicly provided in the supplied documents. No affected products, versions, exploit info, or remediation are specified here. Monitor for updates.

4.3CVSS5.8AI score0.00169EPSS