HCL iAutomate Session Fixation Vulnerability Allowing Session Hijacking

Vulnerability

A session fixation vulnerability has been identified in HCL iAutomate. This issue allows an attacker to hijack a victim's session ID from an authenticated session, potentially leading to unauthorized access or actions on behalf of the victim.

Impact

Exploitation of this vulnerability could result in session hijacking, allowing an attacker to impersonate a victim and gain unauthorized access to their session.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.3
exploitability: 4.5
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.