Description
HCL IEM is affected by a concurrent login vulnerability. The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Affected products
- HCL Software / IEM1.2 – 1.2