CVE-2026-21760
4.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Summary
HCL DevOps Loop is affected by an Unauthorized Access to Admin Functionality (Forced Browsing) vulnerability. Improper authorization checks may allow unauthorized users to access restricted administrative functionality by directly accessing protected application endpoints.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HCLSoftware | DevOps Loop | 2.0.0 | affected |
Weaknesses
- CWE-425: CWE-425: Direct Request (Forced Browsing)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.