HCL DevOps Deploy
Moderate fix2 remedies
cpe:2.3:a:hcltechsw:hcl_devops_deploy:*:*:*:*:*:*:*
Moderate fix2 remedies
- >= 8.0, <= 8.0.1.4
- >= 8.1, <= 8.1.0.0
HCL DevOps Deploy and HCL Launch Sensitive Information Log Vulnerability
Vulnerability
Patched
A vulnerability exists in HCL DevOps Deploy and HCL Launch, where potentially sensitive authentication token information is logged in files that could be accessed by a local user. This issue affects versions 7.0 through 7.0.5.26, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14, 7.3 through 7.3.2.9, 8.0 through 8.0.1.4, and 8.1 through 8.1.0.0.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive authentication tokens, which could be misused for authentication purposes or to gain access to restricted areas of the application.
Remediation
Users are advised to upgrade to version 7.0.5.26, 7.1.2.22, 7.2.3.15, 7.3.2.11, 8.0.1.5, 8.1.0.1 or later. Instructions for downloading the updated versions are available on the HCL Software License and Download Portal.
Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
2.5exploitability
3.5remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.