Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Azure Access Technology | BLU-IC2 | unaffected |
|
||||||
| Azure Access Technology | BLU-IC4 | unaffected |
|
Configuration 1 [-]
| AND |
|
Configuration 2 [-]
| AND |
|
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Azure Access Technology | Blu-ic2 | — | — |
| Azure Access Technology | Blu-ic4 | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://azure-access.com/security-advisories |
|
Fri, 07 Nov 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Azure-access
Azure-access blu-ic2 Azure-access blu-ic2 Firmware Azure-access blu-ic4 Azure-access blu-ic4 Firmware |
|
| CPEs | cpe:2.3:h:azure-access:blu-ic2:*:*:*:*:*:*:*:* cpe:2.3:h:azure-access:blu-ic4:*:*:*:*:*:*:*:* cpe:2.3:o:azure-access:blu-ic2_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:azure-access:blu-ic4_firmware:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Azure-access
Azure-access blu-ic2 Azure-access blu-ic2 Firmware Azure-access blu-ic4 Azure-access blu-ic4 Firmware |
|
| Metrics |
cvssV3_1
|
Thu, 23 Oct 2025 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Azure Access Technology
Azure Access Technology blu-ic2 Azure Access Technology blu-ic4 |
|
| Vendors & Products |
Azure Access Technology
Azure Access Technology blu-ic2 Azure Access Technology blu-ic4 |
Tue, 21 Oct 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 21 Oct 2025 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute may allow reading the sensitive cookies from the javascript contextThis issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | |
| Title | HTTP Security Misconfiguration - Lacking Secure and HTTPOnly Attribute | |
| Weaknesses | CWE-1004 | |
| References |
| |
| Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: azure-access
Published:
Updated: 2025-10-21T18:17:10.703Z
Reserved: 2025-10-21T17:16:07.117Z
Link: CVE-2025-12031
Vulnrichment
Updated: 2025-10-21T18:17:06.633Z
NVD
Status : Analyzed
Published: 2025-10-21T18:15:36.157
Modified: 2025-11-07T20:10:04.100
Link: CVE-2025-12031
Redhat
No data.
OpenCVE Enrichment
Updated: 2025-10-23T10:12:30Z