Описание
HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain valid indefinitely unless manually revoked, increasing the risk of unauthorized access.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hcltech:dryice_iautomate:6.5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.00074
Низкий
7.1 High
CVSS3
Дефекты
CWE-613
Связанные уязвимости
CVSS3: 7.1
github
7 месяцев назад
HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain valid indefinitely unless manually revoked, increasing the risk of unauthorized access.
EPSS
Процентиль: 22%
0.00074
Низкий
7.1 High
CVSS3
Дефекты
CWE-613