Hcltech Dryice Iautomate — known CVE vulnerabilities
Every CVE whose affected-product data names Hcltech Dryice Iautomate, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2025-31955 — CVSS 7.6 (high): HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow unauthorized access to sensitive information…
CVE-2025-31952 — CVSS 7.1 (high): HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain valid indefinitely unless manually revoked…
CVE-2025-31953 — CVSS 7.1 (high): HCL iAutomate includes hardcoded credentials which may result in potential exposure of confidential data if intercepted or accessed by…
CVE-2023-23347 — CVSS 6.4 (medium): HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality…
CVE-2024-42207 — CVSS 5.5 (medium): HCL iAutomate is affected by a session fixation vulnerability. An attacker could hijack a victim's session ID from their authenticated…
CVE-2025-31954 — CVSS 5.4 (medium): HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and…