HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Metrics
Affected Vendors & Products
References
History
Fri, 01 Nov 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Hcltechsw
Hcltechsw hcl Devops Deploy Hcltechsw hcl Launch |
|
Weaknesses | CWE-290 | |
CPEs | cpe:2.3:a:hcltechsw:hcl_devops_deploy:8.0.0.0:*:*:*:*:*:*:* cpe:2.3:a:hcltechsw:hcl_launch:7.0.0.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Hcltechsw
Hcltechsw hcl Devops Deploy Hcltechsw hcl Launch |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: HCL
Published: 2024-04-15T21:00:12.401Z
Updated: 2024-11-01T18:35:31.536Z
Reserved: 2024-01-18T07:29:53.325Z
Link: CVE-2024-23558
Vulnrichment
Updated: 2024-08-01T23:06:25.312Z
NVD
Status : Awaiting Analysis
Published: 2024-04-15T21:15:07.080
Modified: 2024-11-01T19:35:15.123
Link: CVE-2024-23558
Redhat
No data.