How severe is CVE-2025-12031?

CVE-2025-12031 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-12031

5.3MEDIUM

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1

Veröffentlicht: 10/21/2025Aktualisiert: 11/7/2025

Beschreibung

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

KI-AnalyseKI-gestützt

Betroffene Produkte

azure-accessblu-ic2_firmware

azure-accessblu-ic2

azure-accessblu-ic4_firmware

azure-accessblu-ic4

Referenzen

https://azure-access.com/security-advisories
Vendor Advisory