Sensitive Information Exposure in HCL DevOps Deploy by HCL
CVE-2026-56457

4.3MEDIUM

Key Information:

Vendor: HCL Softwaresoftware
Status: HCL Software Devops Deploy / HCL Software Launch
Vendor: CVE Published:; 29 June 2026

🔔 Create HCL Softwaresoftware Vulnerability Alert

What is CVE-2026-56457?

HCL DevOps Deploy is affected by a vulnerability that permits unauthorized access to sensitive information through compromised output logs. An attacker with access to these logs could extract sensitive values inadvertently logged during operation, potentially compromising security policies and exposing critical data. Organizations using HCL DevOps Deploy should ensure proper log management and access controls to mitigate risks associated with this vulnerability.

Affected Version(s)

HCL DevOps Deploy / HCL Launch 7.3-7.3.2.18, 8.0-8.0.1.13, 8.1-8.1.2.6, 8.2-8.2.1.0

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 29, 2026
Vulnerability Reserved
Jun 22, 2026

CVE-2026-56457 Data

JSON