Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

HCL DevOps Deploy

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found

CVE-2026-56458
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-5.4||MEDIUM
EPSS-0.25% / 15.99%
||
7 Day CHG+0.02%
Published-09 Jul, 2026 | 08:51
Updated-10 Jul, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL DevOps Deploy is susceptible to a Permissive Cross-domain Security Policy with Untrusted Domains

HCL DevOps Deploy uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains.

Action-Not Available
Vendor-HCLSoftwareHCL Technologies Ltd.
Product-hcl_devops_deployHCL DevOps Deploy
CWE ID-CWE-942
Permissive Cross-domain Policy with Untrusted Domains