CVE-2025-52608

Medium

HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical…

HCL·CWE-614·Published 2026-06-04

CVSS

4.3

EPSS

0.00

KEV

Exploits

cve.orgen

215 chars

HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attributes, including Secure and SameSite. And also path is set to root.

NVDen

215 chars

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3.1	Primary	cve.org	3.1	—	—	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N