CVE-2025-52608

CVSS v3.1

3.1

Low

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attributes, including Secure and SameSite. And also path is set to root.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-614

Related Identifiers

CVE-2025-52608

Affected Products

Icontrol

CVE-2025-52608

Weakness Enumeration

Related Identifiers

Affected Products

References · 2