4.3
CVE-2024-23561
- EPSS 0.38%
- Published 15.04.2024 21:15:07
- Last modified 11.04.2025 18:16:41
- Source psirt@hcl.com
- Teams watchlist Login
- Open Login
HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values.
Data is provided by the National Vulnerability Database (NVD)
Hcltechsw ≫ Hcl Devops Deploy Version >= 8.0.0.0 < 8.0.1
Hcltechsw ≫ Hcl Launch Version >= 7.0.0.0 < 7.0.5.21
Hcltechsw ≫ Hcl Launch Version >= 7.1.0.0 < 7.1.2.17
Hcltechsw ≫ Hcl Launch Version >= 7.2.0.0 < 7.2.3.10
Hcltechsw ≫ Hcl Launch Version >= 7.3.0.0 < 7.3.2.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.588 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| psirt@hcl.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
CWE-922 Insecure Storage of Sensitive Information
The product stores sensitive information without properly limiting read or write access by unauthorized actors.