CVE-2025-0257

Summary

HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL DevOps Deploy / HCL Launch7.1 - 7.1.2.22; 7.2 - 7.2.3.15; 7.3 - 7.3.2.10; 8.0 - 8.0.1.5; 8.1 - 8.1.0.1affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References