PublicCVE
Log inSign up

CVE-2024-23560

MEDIUM4.4JSON exportCreate alert

Description

HCL DevOps Deploy / HCL Launch could be vulnerable to incomplete revocation of permissions when deleting a custom security resource type.

CVSS breakdown

CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Affected products

  • HCL Software / DevOps Deploy / Launch7.0 - 7.0.5.20, 7.1 - 7.1.2.16, 7.2 - 7.2.3.9, 7.3 - 7.3.2.4, 8.0 - 8.0.0.1 – 7.0 - 7.0.5.20, 7.1 - 7.1.2.16, 7.2 - 7.2.3.9, 7.3 - 7.3.2.4, 8.0 - 8.0.0.1

References