HCL iAutomate is affected by an insufficient session expiration

July 24, 2025 invoker category_cve

CVE Details

Basic Information

Title HCL iAutomate is affected by an insufficient session expiration
Type cve
Published 2025-07-24T21:01:57.524Z
Modified 2025-07-24T21:01:57.524Z

Product Information

Vendor HCL Software
Product iAutomate
Version 6.5.1

CVSS Information

Base Score 7.1 (HIGH)
Attack Vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

AI Analysis

AI Description HCL iAutomate has a session expiration issue where tokens remain valid indefinitely, risking unauthorized access.
AI Severity Medium
AI Vendor HCL Software
AI Product iAutomate
AI Version 6.5.1

Affected Products

  • HCL Software iAutomate 6.5.1

Additional Information

CWE List CWE-613
Source HCL

Description

HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain valid indefinitely unless manually revoked, increasing the risk of unauthorized access.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.