High
CVSS 7.1
Overview
HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain valid indefinitely unless manually revoked, increasing the risk of unauthorized access.
CVE-2025-31952
HCL iAutomate is affected by an insufficient session expiration. This allows to...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 7.1 (HIGH)
- Detected tags: unauth_access (tag impact: HIGH)
Recommended actions:
- Enforce authentication/authorization; reduce default endpoint exposure.