HCL SOFTWARE HCL Launch 7.2.3.14

CPE Details

HCL SOFTWARE HCL Launch 7.2.3.14
hcltechsw
hcl_launch
7.2.3.14
2025-04-08
11h33 +00:00
2025-04-08
11h33 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:hcltechsw:hcl_launch:7.2.3.14:*:*:*:*:*:*:*

Informations

Vendor

hcltechsw

Product

hcl_launch

Version

7.2.3.14

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-0272 2025-04-03 14h56 +00:00 HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
7.6
High
CVE-2025-0257 2025-04-02 22h04 +00:00 HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.
7.5
High
CVE-2025-0273 2025-03-27 05h03 +00:00 HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.
5.5
Medium
CVE-2025-0255 2025-03-24 16h32 +00:00 HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements.
7.2
High
CVE-2025-0256 2025-03-24 15h35 +00:00 HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.
6.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.