Hcl Launch@7.0.0.0 Security Vulnerabilities and Issues — Hcl Launch@7.0.0.0 CVE List

Lucene search

HcltechswHcl Launch7.0.0.0

16 matches found

CVE•added 2022/12/12 1:15 p.m.•64 views

CVE-2022-42445

HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches.

4.9CVSS5AI score0.0009EPSS

CVE•added 2024/12/06 3:15 p.m.•62 views

CVE-2024-42196

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.

6.2CVSS6AI score0.00029EPSS

CVE•added 2025/03/27 5:15 a.m.•55 views

CVE-2025-0273

HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.

5.5CVSS6.5AI score0.00018EPSS

CVE•added 2022/08/03 8:15 p.m.•54 views

CVE-2022-27551

HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking.

6.5CVSS5.6AI score0.0018EPSS

CVE•added 2025/03/24 4:15 p.m.•53 views

CVE-2025-0256

HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.

6.5CVSS6.4AI score0.00038EPSS

CVE•added 2024/12/05 5:15 a.m.•52 views

CVE-2024-42195

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.

6.8CVSS3.9AI score0.00203EPSS

CVE•added 2025/03/24 5:15 p.m.•52 views

CVE-2025-0255

HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements.

7.2CVSS7.8AI score0.00125EPSS

CVE•added 2024/04/15 9:15 p.m.•49 views

CVE-2024-23558

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

6.3CVSS6.6AI score0.00122EPSS

CVE•added 2024/04/15 6:15 p.m.•44 views

CVE-2024-23559

HCL DevOps Deploy / Launch is generating an obsolete HTTP header.

6.1CVSS6.9AI score0.00412EPSS

CVE•added 2024/04/15 9:15 p.m.•43 views

CVE-2024-23561

HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values.

4.3CVSS6.2AI score0.00382EPSS

CVE•added 2024/04/15 8:15 p.m.•42 views

CVE-2024-23560

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type.

4.9CVSS6.8AI score0.00128EPSS

CVE•added 2024/02/03 6:15 a.m.•41 views

CVE-2024-23550

HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent.

6.2CVSS5.3AI score0.00054EPSS

CVE•added 2023/12/21 12:15 a.m.•36 views

CVE-2023-45703

HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion.

7.5CVSS6.2AI score0.0008EPSS

CVE•added 2025/04/03 3:15 p.m.•35 views

CVE-2025-0272

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.

7.6CVSS6.8AI score0.00026EPSS

CVE•added 2023/07/10 6:15 p.m.•29 views

CVE-2023-23348

HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.

5.5CVSS5.1AI score0.00076EPSS

CVE•added 2023/12/28 7:15 a.m.•29 views

CVE-2023-45701

HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

6.5CVSS5.1AI score0.00081EPSS