Hcltech: >> Dryice Iautomate Security Vulnerabilities
HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain valid indefinitely unless manually revoked, increasing the risk of unauthorized access.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-07-24
HCL iAutomate includes hardcoded credentials which may result in potential exposure of confidential data if intercepted or accessed by unauthorized parties.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-07-24
HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow unauthorized access to sensitive information within the system.
CVSS Score
7.6
EPSS Score
0.001
Published
2025-07-24
HCL iAutomate is affected by a session fixation vulnerability. An attacker could hijack a victim's session ID from their authenticated session.
CVSS Score
5.5
EPSS Score
0.001
Published
2025-02-05
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.
CVSS Score
6.4
EPSS Score
0.0
Published
2023-08-09