4.3

CVE-2026-56457

HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information

HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information vulnerability in output logs. This exposure could allow an attacker with access to the logs to potentially obtain sensitive values related to that step.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HcltechswHcl Devops Deploy Version >= 8.0.0.0 < 8.0.1.14
HcltechswHcl Devops Deploy Version >= 8.1.0.0 < 8.1.2.7
HcltechswHcl Devops Deploy Version >= 8.2.0.0 < 8.2.2.0
HcltechswHcl Launch Version >= 7.3.0.0 < 7.3.2.19
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.078
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@hcl.com 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0131694
Vendor Advisory