Home

Description

HCL DevOps Deploy / HCL Launch is susceptible to sensitive information disclosure. The application stores potentially sensitive information in log files that could be read by a local user.

PUBLISHED Reserved 2026-06-22 | Published 2026-07-09 | Updated 2026-07-09 | Assigner HCL




MEDIUM: 6.2CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-532 Insertion of sensitive information into log file

Product status

Default status
unaffected

7.3-7.3.2.18, 8.0-8.0.1.13, 8.1-8.1.2.6, 8.2-8.2.1.0
affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0131696

cve.org (CVE-2026-56459)

nvd.nist.gov (CVE-2026-56459)

Download JSON