Sensitive Information Disclosure in HCL DevOps Deploy by HCL
CVE-2026-56459

6.2MEDIUM

What is CVE-2026-56459?

HCL DevOps Deploy / HCL Launch contains a vulnerability that allows potentially sensitive information to be uncovered through log files. These log files may be accessible to local users, exposing critical data that should remain confidential. Organizations using this software must take immediate action to secure their log files and minimize the risk of unauthorized access. For further details and guidance, refer to the HCL support article.

Affected Version(s)

HCL DevOps Deploy / HCL Launch 7.3-7.3.2.18, 8.0-8.0.1.13, 8.1-8.1.2.6, 8.2-8.2.1.0

References

CVSS V3.1

Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.