How severe is CVE-2025-12031?

CVE-2025-12031 has a CVSS v3 score of 5.3 (MEDIUM).

CVE-2025-12031

5.3MEDIUM

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1

Опубликовано: 10/21/2025Обновлено: 11/7/2025

Описание

HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

ИИ-АнализНа базе ИИ

Затронутые продукты

azure-accessblu-ic2_firmware

azure-accessblu-ic2

azure-accessblu-ic4_firmware

azure-accessblu-ic4

Ссылки

https://azure-access.com/security-advisories
Vendor Advisory