CVE-2022-27549 - Vulnerability Details - OpenCVE

HCL Launch may store certain data for recurring activities in a plain text format.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hcltechsw	Hcl Launch

Configuration 1 [-]

OR	cpe:2.3:a:hcltechsw:hcl_launch:7.0.5.10:::::::*
	cpe:2.3:a:hcltechsw:hcl_launch:7.1.2.6:::::::*
	cpe:2.3:a:hcltechsw:hcl_launch:7.2.2.1:::::::*

No data.

References

Link	Providers
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099254

History

Mon, 16 Sep 2024 21:00:00 +0000

Type	Values Removed	Values Added
Title	HCL Launch could disclose sensitive database information to a local user in plain text.	HCL Launch could disclose sensitive database information to a local user in plain text.

MITRE

Status: PUBLISHED

Assigner: HCL

Published: 2022-07-06T20:25:14.576797Z

Updated: 2024-09-16T20:42:45.568Z

Reserved: 2022-03-21T00:00:00

Link: CVE-2022-27549

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-07-06T21:15:11.947

Modified: 2024-11-21T06:55:57.030

Link: CVE-2022-27549

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "HCL Launch", "vendor": "HCL Software", "versions": [{"status": "affected", "version": "7.2.2.1, 7.1.2.6, 7.0.5.10"}]}], "datePublic": "2022-07-01T00:00:00", "descriptions": [{"lang": "en", "value": "HCL Launch may store certain data for recurring activities in a plain text format."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532 Information Exposure Through Log Files", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-06T20:25:14", "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099254"}], "source": {"discovery": "UNKNOWN"}, "title": "HCL Launch could disclose sensitive database information to a local user in plain text.", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@hcl.com", "DATE_PUBLIC": "2022-07-01T19:43:00.000Z", "ID": "CVE-2022-27549", "STATE": "PUBLIC", "TITLE": "HCL Launch could disclose sensitive database information to a local user in plain text."}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HCL Launch", "version": {"version_data": [{"version_value": "7.2.2.1, 7.1.2.6, 7.0.5.10"}]}}]}, "vendor_name": "HCL Software"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HCL Launch may store certain data for recurring activities in a plain text format."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-532 Information Exposure Through Log Files"}]}]}, "references": {"reference_data": [{"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099254", "refsource": "MISC", "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099254"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:32:59.249Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099254"}]}]}, "cveMetadata": {"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "assignerShortName": "HCL", "cveId": "CVE-2022-27549", "datePublished": "2022-07-06T20:25:14.576797Z", "dateReserved": "2022-03-21T00:00:00", "dateUpdated": "2024-09-16T20:42:45.568Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:7.0.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "C617DA00-E746-4043-8182-197C13D8DC65", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:7.1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "28924E85-9744-423C-87BA-F31619F9D6B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:7.2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "28210B2D-06A0-4678-8C41-BFE8C5716DF0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "HCL Launch may store certain data for recurring activities in a plain text format."}, {"lang": "es", "value": "HCL Launch puede almacenar determinados datos para actividades recurrentes en un formato de texto plano"}], "id": "CVE-2022-27549", "lastModified": "2024-11-21T06:55:57.030", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "psirt@hcl.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-06T21:15:11.947", "references": [{"source": "psirt@hcl.com", "tags": ["Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099254"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099254"}], "sourceIdentifier": "psirt@hcl.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "psirt@hcl.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-312"}], "source": "nvd@nist.gov", "type": "Primary"}]}