CVE-2023-23348

Published: Jul 10, 2023Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.

Affected (5)

Products: Hcltechsw: Hcl Launch

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Hcltechsw Hcl Launch	From 6.2.0.0 to 6.2.7.20
Hcltechsw Hcl Launch	From 7.0.0.0 to 7.0.5.15
Hcltechsw Hcl Launch	From 7.1.0.0 to 7.1.2.11
Hcltechsw Hcl Launch	From 7.2.0.0 to 7.2.3.4
Hcltechsw Hcl Launch	From 7.3.0.0 to 7.3.1.0

Related CWEs

Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References (2)

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105978

Source: psirt@hcl.com

Vendor Advisory

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105978

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.