Skip to main content

Hcl Launch

21 CVEs product

Monthly

CVE-2025-0272 MEDIUM This Month

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-0257 MEDIUM This Month

HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2025-0273 MEDIUM This Month

HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-0255 HIGH This Week

HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
7.2
EPSS
0.6%
CVE-2025-0256 MEDIUM This Month

HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-42196 MEDIUM This Month

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-42195 MEDIUM This Month

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2024-23561 MEDIUM This Month

HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-23558 MEDIUM This Month

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2024-23560 MEDIUM This Month

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2024-23559 MEDIUM This Month

HCL DevOps Deploy / Launch is generating an obsolete HTTP header. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-23550 MEDIUM This Month

HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Hcl Devops Deploy Hcl Launch
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-45702 MEDIUM This Month

An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts.. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Hcl Launch
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-45701 MEDIUM This Month

HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-45700 MEDIUM This Month

HCL Launch is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS Hcl Launch
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-45703 HIGH This Week

HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Hcl Launch
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-23348 MEDIUM This Month

HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-42445 MEDIUM This Month

HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2022-27551 MEDIUM This Month

HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Hcl Launch
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-27549 MEDIUM This Month

HCL Launch may store certain data for recurring activities in a plain text format. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-27548 MEDIUM This Month

HCL Launch stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
CVSS 3.1
5.5
EPSS
0.5%
EPSS 0% CVSS 5.4
MEDIUM This Month

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS Hcl Devops Deploy +1
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Hcl Devops Deploy +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
EPSS 1% CVSS 7.2
HIGH This Week

HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Hcl Devops Deploy Hcl Launch
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Hcl Devops Deploy Hcl Launch
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure Hcl Devops Deploy +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Hcl Devops Deploy Hcl Launch
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

HCL DevOps Deploy / Launch is generating an obsolete HTTP header. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hcl Devops Deploy Hcl Launch
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Hcl Devops Deploy +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts.. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Hcl Launch
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

HCL Launch is vulnerable to HTML injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure XSS Hcl Launch
NVD
EPSS 0% CVSS 7.5
HIGH This Week

HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Hcl Launch
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Hcl Launch
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

HCL Launch may store certain data for recurring activities in a plain text format. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

HCL Launch stores user credentials in plain clear text which can be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Hcl Launch
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy