Hcltechsw: >> Hcl Launch Security Vulnerabilities
HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-04-15
HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values.
CVSS Score
4.3
EPSS Score
0.004
Published
2024-04-15
HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-04-15
HCL DevOps Deploy / Launch is generating an obsolete HTTP header.
CVSS Score
6.1
EPSS Score
0.004
Published
2024-04-15
HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent.
CVSS Score
6.2
EPSS Score
0.001
Published
2024-02-03
An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts..
CVSS Score
6.2
EPSS Score
0.0
Published
2023-12-28
HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-12-28
HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-12-21
HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-12-21
HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.
CVSS Score
5.1
EPSS Score
0.001
Published
2023-07-10