HCL SOFTWARE HCL Launch 7.0.5.21

CPE Details

HCL SOFTWARE HCL Launch 7.0.5.21
hcltechsw
hcl_launch
7.0.5.21
2025-04-08
11h33 +00:00
2025-04-08
11h33 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:hcltechsw:hcl_launch:7.0.5.21:*:*:*:*:*:*:*

Informations

Vendor

hcltechsw

Product

hcl_launch

Version

7.0.5.21

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2025-0272 2025-04-03 14h56 +00:00 HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
7.6
Haute
CVE-2025-0273 2025-03-27 05h03 +00:00 HCL DevOps Deploy / HCL Launch stores potentially sensitive authentication token information in log files that could be read by a local user.
5.5
Moyen
CVE-2025-0255 2025-03-24 16h32 +00:00 HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute arbitrary commands on the system by sending specially crafted input containing special elements.
7.2
Haute
CVE-2025-0256 2025-03-24 15h35 +00:00 HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.
6.5
Moyen
CVE-2024-42196 2024-12-06 14h47 +00:00 HCL Launch stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs.
6.2
Moyen
CVE-2024-42195 2024-12-05 04h47 +00:00 HCL DevOps Deploy / HCL Launch is vulnerable to HTML injection. This vulnerability may allow a user to embed arbitrary HTML tags in the Web UI potentially leading to sensitive information disclosure.
6.8
Moyen
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.