Lucene search
K

192 matches found

Cvelist
Cvelist
added 2024/04/15 7:22 p.m.14 views

CVE-2024-23560 HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom type

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type...

4.4CVSS5.1AI score0.00324EPSS
Exploits0References1
OSV
OSV
added 2024/04/15 6:15 p.m.2 views

CVE-2024-23559

HCL DevOps Deploy / Launch is generating an obsolete HTTP header...

6.1CVSS5.8AI score0.00308EPSS
Exploits0References1
NVD
NVD
added 2024/04/15 6:15 p.m.15 views

CVE-2024-23559

HCL DevOps Deploy / Launch is generating an obsolete HTTP header...

6.1CVSS6.3AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 5:31 p.m.26 views

CVE-2024-23559 HCL DevOps Deploy / Launch is generating an obsolete HTTP header

HCL DevOps Deploy / Launch is generating an obsolete HTTP header...

6.1CVSS7AI score0.00308EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.3 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. It is used to handle the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch that stems from not invalidati...

6.3CVSS6.7AI score0.00308EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.3 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. for handling the most complex deployment processes in DevOps. A security vulnerability exists in HCL Technologies HCL DevOps Deploy and HCL Launch that stems from...

4.3CVSS6.8AI score0.0036EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.2 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. It is used to handle the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch that stems from allowing the...

6.1CVSS6.7AI score0.00308EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.3 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, Inc. It is used to handle the most complex deployment processes in DevOps. A security vulnerability exists in HCL DevOps Deploy and HCL Launch that stems from the...

4.9CVSS6.7AI score0.00324EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.3 views

PT-2024-19941 · Hcl · Hcl Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: HCL DevOps Deploy / HCL Launch affected versions not specified Description: The issue is related to incomplete revocation of permissions when deleting a custom security resource type. There is no information provided about the estimated numbe...

4.9CVSS6.4AI score0.00324EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.4 views

PT-2024-19939 · Hcl · Hcl Devops Deploy +1

Name of the Vulnerable Software and Affected Versions: HCL DevOps Deploy / HCL Launch affected versions not specified Description: The issue arises from the failure of HCL DevOps Deploy / HCL Launch to invalidate a user's session after they log out. This could potentially allow an authenticated...

6.3CVSS6.7AI score0.00308EPSS
Exploits0References8
NVD
NVD
added 2024/04/12 5:17 p.m.22 views

CVE-2024-22358

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 28089...

8.8CVSS6.1AI score0.00411EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 5:17 p.m.3 views

CVE-2024-22358

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 28089...

8.8CVSS5.8AI score0.00411EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 5:17 p.m.4 views

CVE-2024-22359

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intend...

6.1CVSS5.5AI score0.0037EPSS
Exploits0References2
NVD
NVD
added 2024/04/12 5:17 p.m.25 views

CVE-2024-22334

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type,...

4.4CVSS4.6AI score0.00436EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 5:17 p.m.4 views

CVE-2024-22339

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 is vulnerable to a sensitive information due to insufficient obfuscation of sensitive values from some log files. IBM X-Force ID: 279979...

4.3CVSS5.8AI score0.00443EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/12 4:53 p.m.19 views

CVE-2024-22358 IBM UrbanCode Deploy session fixation

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 28089...

6.3CVSS6.1AI score0.00411EPSS
Exploits0References2
CVE
CVE
added 2024/04/12 4:51 p.m.59 views

CVE-2024-22339

CVE-2024-22339 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy, with the root cause being insufficient obfuscation of sensitive values in some log files, leading to potential sensitive information disclosure. Affected products and versions include: UCD 7.0–7.0.5.20, 7.1–7.1.2.16, 7.2–7.2...

4.3CVSS5.9AI score0.00443EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2024/04/12 4:41 p.m.27 views

CVE-2024-22334 IBM UrbanCode Deploy improper privilege control

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type,...

4.4CVSS4.8AI score0.00436EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/12 4:41 p.m.14 views

CVE-2024-22334 IBM UrbanCode Deploy improper privilege control

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.20, 7.1 through 7.1.2.16, 7.2 through 7.2.3.9, 7.3 through 7.3.2.4 and IBM DevOps Deploy 8.0 through 8.0.0.1 could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. When deleting a custom security type,...

4.4CVSS6.6AI score0.00436EPSS
Exploits0References2
CVE
CVE
added 2024/04/12 4:41 p.m.68 views

CVE-2024-22334

Summary : CVE-2024-22334 affects IBM UrbanCode Deploy (UCD) and IBM DevOps Deploy, with an incomplete revocation of permissions when deleting a custom security resource type. The issue can cause associated permissions of objects using that type to remain or be misreported, leading to inaccurate p...

4.4CVSS4.6AI score0.00436EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder