CVE-2023-45703
- EPSS 0.47%
- Veröffentlicht 21.12.2023 00:15:25
- Zuletzt bearbeitet 21.11.2024 08:27:14
HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion.
CVE-2023-23348
- EPSS 0.15%
- Veröffentlicht 10.07.2023 18:15:10
- Zuletzt bearbeitet 21.11.2024 07:46:01
HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.
CVE-2022-42452
- EPSS 0.34%
- Veröffentlicht 02.04.2023 21:15:08
- Zuletzt bearbeitet 12.02.2025 15:15:10
HCL Launch is vulnerable to HTML injection. HTML code is stored and included without being sanitized. This can lead to further attacks such as XSS and Open Redirections.
CVE-2022-42445
- EPSS 0.54%
- Veröffentlicht 12.12.2022 13:15:14
- Zuletzt bearbeitet 25.04.2025 15:15:32
HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches.
CVE-2022-27551
- EPSS 0.45%
- Veröffentlicht 03.08.2022 20:15:07
- Zuletzt bearbeitet 21.11.2024 06:55:57
HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking.
CVE-2022-27548
- EPSS 0.47%
- Veröffentlicht 06.07.2022 21:15:11
- Zuletzt bearbeitet 21.11.2024 06:55:56
HCL Launch stores user credentials in plain clear text which can be read by a local user.
CVE-2022-27549
- EPSS 0.15%
- Veröffentlicht 06.07.2022 21:15:11
- Zuletzt bearbeitet 21.11.2024 06:55:57
HCL Launch may store certain data for recurring activities in a plain text format.