How severe is CVE-2025-12031?

CVE-2025-12031 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-12031

5.3MEDIUM

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1

게시됨: 10/21/2025업데이트됨: 11/7/2025

설명

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

AI 분석AI 기반

영향받는 제품

azure-accessblu-ic2_firmware

azure-accessblu-ic2

azure-accessblu-ic4_firmware

azure-accessblu-ic4

참조

https://azure-access.com/security-advisories
Vendor Advisory