HCL DevOps Deploy / HCL Launch could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system.
Project Subscriptions
No data.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Thu, 09 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 09 Jul 2026 09:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | HCL DevOps Deploy / HCL Launch could disclose sensitive configurations and secrets to authenticated users in API responses that could be used in further attacks against the system. | |
| Title | HCL DevOps Deploy / HCL Launch is susceptible to an Insertion of Sensitive Information Into Sent Data vulnerability | |
| Weaknesses | CWE-201 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: HCL
Published:
Updated: 2026-07-09T12:23:15.700Z
Reserved: 2026-06-22T13:38:32.650Z
Link: CVE-2026-56460
Updated: 2026-07-09T12:23:10.854Z
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses