Search
Search Results (4 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56457 | 1 Hcltech | 1 Devops Deploy | 2026-06-29 | 4.3 Medium |
| HCL DevOps Deploy / HCL Launch is susceptible to an exposure of sensitive information vulnerability in output logs. This exposure could allow an attacker with access to the logs to potentially obtain sensitive values related to that step. | ||||
| CVE-2025-62327 | 2 Hcltech, Hcltechsw | 2 Devops Deploy, Hcl Devops Deploy | 2026-01-29 | 4.9 Medium |
| In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries. | ||||
| CVE-2025-62329 | 2 Hcltech, Hcltechsw | 3 Devops Deploy, Hcl Devops Deploy, Hcl Launch | 2026-01-07 | 5 Medium |
| HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions. | ||||
| CVE-2025-62330 | 2 Hcltech, Hcltechsw | 2 Devops Deploy, Hcl Devops Deploy | 2026-01-07 | 5.9 Medium |
| HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information because the HTTP port remains accessible and does not redirect to HTTPS as intended. As a result, an attacker with network access could intercept or modify user credentials and session-related data via passive monitoring or man-in-the-middle attacks. | ||||
Page 1 of 1.