Shodan
Vulnerabilities
Vulnerable Software
Hcltechsw:  Security Vulnerabilities
CVE-2025-0272
HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-04-03
CVE-2025-0257
HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-04-02
CVE-2025-0273
HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-03-27
CVE-2025-0255
HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements.
CVSS Score
7.2
EPSS Score
0.002
Published
2025-03-24
CVE-2025-0256
HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-03-24
CVE-2024-42196
HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-12-06
CVE-2024-42195
HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
CVSS Score
3.1
EPSS Score
0.001
Published
2024-12-05
CVE-2024-23576
Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-05-14
CVE-2024-23558
HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-04-15
CVE-2024-23561
HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-04-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved