HCL Launch is vulnerable to sensitive information disclosure
CVE-2023-23348

5.5MEDIUM

Key Information:

Vendor: Hcl Software
Status: Hcl Launch
Vendor: CVE Published:; 10 July 2023

Summary

HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.

Affected Version(s)

HCL Launch 6.2-6.2.7.19, 7.0-7.0.5.14, 7.1-7.1.2.10, 7.2.0.0-7.2.3.3, 7.3.0.0-7.3.0.1

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 10, 2023
Vulnerability Reserved
Jan 11, 2023

.