CVE-2026-56459

Summary

HCL DevOps Deploy / HCL Launch is susceptible to sensitive information disclosure.  The application stores potentially sensitive information in log files that could be read by a local user.

Affected Software

VendorProductVersion RangeStatus
HCLSoftwareHCL DevOps Deploy / HCL Launch7.3-7.3.2.18, 8.0-8.0.1.13, 8.1-8.1.2.6, 8.2-8.2.1.0affected

Weaknesses

  • CWE-532: CWE-532 Insertion of sensitive information into log file

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References