CVE-2024-23561

Published: Apr 15, 2024Modified: Apr 11, 2025

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values.

Affected (5)

Products: Hcltechsw: Hcl Devops Deploy, Hcl Launch

2 products

Hcl Devops Deploy

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Hcltechsw Hcl Devops Deploy	From 8.0.0.0 to 8.0.1
Hcltechsw Hcl Launch	From 7.0.0.0 to 7.0.5.21
Hcltechsw Hcl Launch	From 7.1.0.0 to 7.1.2.17
Hcltechsw Hcl Launch	From 7.2.0.0 to 7.2.3.10
Hcltechsw Hcl Launch	From 7.3.0.0 to 7.3.2.5

Related CWEs

Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References (2)

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111926

Source: psirt@hcl.com

Vendor Advisory

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111926

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.