6.2
CVE-2026-56459
- EPSS 0.16%
- Veröffentlicht 09.07.2026 08:25:50
- Zuletzt bearbeitet 10.07.2026 15:55:49
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
HCL DevOps Deploy / HCL Launch is susceptible to sensitive information disclosure
HCL DevOps Deploy / HCL Launch is susceptible to sensitive information disclosure. The application stores potentially sensitive information in log files that could be read by a local user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hcltechsw ≫ Hcl Devops Deploy Version >= 8.0.0.0 < 8.0.1.14
Hcltechsw ≫ Hcl Devops Deploy Version >= 8.1.0.0 < 8.1.2.7
Hcltechsw ≫ Hcl Devops Deploy Version >= 8.2.0.0 < 8.2.2.0
Hcltechsw ≫ Hcl Launch Version >= 7.3.0.0 < 7.3.2.19
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.053 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| psirt@hcl.com | 6.2 | 2.5 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-532 Insertion of Sensitive Information into Log File
The product writes sensitive information to a log file.
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0131696