CVE-2025-52608

CVSS Score & Metrics

Base Score

3.1 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N                                    

Vulnerability Description

HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attributes, including Secure and SameSite. And also path is set to root.

Vulnerability Details

Published Date

June 04, 2026

Last Modified

June 04, 2026

CWE ID

CWE-614

Source

NVD

Vendor

HCL

Product

iControl

External References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0131061

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment