HCL Leap Improper Access Control Vulnerability Allowing Application Import by Admin Users

Vulnerability

A vulnerability exists in HCL Leap due to improper access control on an endpoint, which allows certain admin users to import applications from the server's filesystem.

Impact

Exploitation of this vulnerability could lead to unauthorized application imports, potentially allowing for the introduction of malicious applications or code into the HCL Leap environment.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.8
impact: 0.6
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.