HCL Launch is susceptible to a Denial of Service vulnerability
CVE-2023-45703

5.3MEDIUM

Key Information:

Vendor

HCL Software
Status
HCL Launch
Vendor
CVE Published:
21 December 2023

What is CVE-2023-45703?

HCL Launch may mishandle input validation of an uploaded archive file leading to a denial of service due to resource exhaustion.

Affected Version(s)

HCL Launch 7.0 - 7.0.5.18, 7.1 - 7.1.2.14, 7.2 - 7.2.3.7, 7.3 - 7.3.2.2

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.