Filtered by vendor Hcltech
Subscriptions
Filtered by product Devops Deploy
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62329 | 1 Hcltech | 1 Devops Deploy | 2025-12-17 | 5 Medium |
| HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions. | ||||
| CVE-2025-62330 | 1 Hcltech | 1 Devops Deploy | 2025-12-16 | 5.9 Medium |
| HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information because the HTTP port remains accessible and does not redirect to HTTPS as intended. As a result, an attacker with network access could intercept or modify user credentials and session-related data via passive monitoring or man-in-the-middle attacks. | ||||
Page 1 of 1.