Vulnerability Details CVE-2025-31954
HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that request. An attacker could potentially access information or resources they were not intended to see.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.7%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-31954
-
cpe:2.3:a:hcltech:dryice_iautomate:6.5.1
-
cpe:2.3:a:hcltech:dryice_iautomate:6.5.2