Filtered by vendor Hcltechsw Subscriptions
Filtered by product Hcl Launch Subscriptions
Total 12 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-23558 1 Hcltechsw 2 Hcl Devops Deploy, Hcl Launch 2024-11-01 6.3 Medium
HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
CVE-2023-23348 1 Hcltechsw 1 Hcl Launch 2024-10-29 5.1 Medium
HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.
CVE-2022-27551 1 Hcltechsw 1 Hcl Launch 2024-09-16 5.3 Medium
HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking.
CVE-2022-27549 1 Hcltechsw 1 Hcl Launch 2024-09-16 4 Medium
HCL Launch may store certain data for recurring activities in a plain text format.
CVE-2022-27548 1 Hcltechsw 1 Hcl Launch 2024-09-16 4.9 Medium
HCL Launch stores user credentials in plain clear text which can be read by a local user.
CVE-2022-42445 1 Hcltechsw 1 Hcl Launch 2024-08-03 4.9 Medium
HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches.
CVE-2022-42452 1 Hcltechsw 1 Hcl Launch 2024-08-03 4.6 Medium
HCL Launch is vulnerable to HTML injection.  HTML code is stored and included without being sanitized. This can lead to further attacks such as XSS and Open Redirections.
CVE-2023-45703 1 Hcltechsw 1 Hcl Launch 2024-08-02 5.3 Medium
HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion.
CVE-2023-45700 1 Hcltechsw 1 Hcl Launch 2024-08-02 4.3 Medium
HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
CVE-2023-45702 2 Hcltechsw, Microsoft 2 Hcl Launch, Windows 2024-08-02 6.2 Medium
An HCL UrbanCode Deploy Agent installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts..
CVE-2023-45701 1 Hcltechsw 1 Hcl Launch 2024-08-02 4.3 Medium
HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVE-2024-23550 1 Hcltechsw 2 Hcl Devops Deploy, Hcl Launch 2024-08-01 6.2 Medium
HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent.