CVE-2023-45701 MEDIUM

CVE-2023-45701: HCL Launch is susceptible to sensitive information disclosure

Vendor Hcl Software
Product HCL Launch
Published December 28, 2023
Last update August 2, 2024

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

HCL Launch could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

Key dates

02Disclosure timeline

December 28, 2023 CVE published
August 2, 2024 Record updated