CVE-2025-12278
26.10.2025, 17:15
Logout Functionality not Working.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.Enginsight
| Vendor | Product | Version |
|---|---|---|
| azure-access | blu-ic2_firmware | 𝑥 < 1.20 |
| azure-access | blu-ic4_firmware | 𝑥 < 1.20 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
- CWE-613 - Insufficient Session ExpirationAccording to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization."