Hcltechsw

Hcl Launch

22 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.6

CVE-2025-0272

Media report
  • EPSS 0.03%
  • Published 03.04.2025 15:15:47
  • Last modified 10.04.2025 13:27:02

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.

7.5

CVE-2025-0257

Media report
  • EPSS 0.04%
  • Published 02.04.2025 22:15:18
  • Last modified 10.04.2025 14:13:56

HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.

5.5

CVE-2025-0273

  • EPSS 0.02%
  • Published 27.03.2025 05:03:12
  • Last modified 11.04.2025 16:19:26

HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.

7.2

CVE-2025-0255

  • EPSS 0.13%
  • Published 24.03.2025 16:32:21
  • Last modified 11.04.2025 17:40:04

HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements.

6.5

CVE-2025-0256

  • EPSS 0.04%
  • Published 24.03.2025 15:35:38
  • Last modified 11.04.2025 17:38:18

HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.

5.5

CVE-2024-42196

  • EPSS 0.03%
  • Published 06.12.2024 15:15:08
  • Last modified 14.04.2025 17:16:43

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.

6.8

CVE-2024-42195

  • EPSS 0.24%
  • Published 05.12.2024 05:15:06
  • Last modified 21.04.2025 16:50:52

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.

4.3

CVE-2024-23561

  • EPSS 0.38%
  • Published 15.04.2024 21:15:07
  • Last modified 11.04.2025 18:16:41

HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values.

6.3

CVE-2024-23558

  • EPSS 0.12%
  • Published 15.04.2024 21:15:07
  • Last modified 11.04.2025 18:14:35

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

4.9

CVE-2024-23560

  • EPSS 0.13%
  • Published 15.04.2024 20:15:10
  • Last modified 11.04.2025 18:25:49

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type.