CVE-2025-62329 — MEDIUM (5.0)

Q: How severe is CVE-2025-62329?

CVE-2025-62329 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-62329?

Check the references section above for vendor advisories and patch information. Affected products include: Hcltechsw Hcl Devops Deploy, Hcltechsw Hcl Launch.

Vulnerability Description

HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invalidated. This could lead to unauthorized access under certain network conditions.

CVSS Score

5.0

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Hcltechsw	Hcl Devops Deploy	>= 8.0.0.0, < 8.0.1.11
Hcltechsw	Hcl Launch	>= 7.3.0.0, < 7.3.2.16

Related Weaknesses (CWE)

CWE-613

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127332Vendor Advisory

FAQ

What is CVE-2025-62329?

CVE-2025-62329 is a vulnerability with a CVSS score of 5.0 (MEDIUM). HCL DevOps Deploy / HCL Launch is susceptible to a race condition in http-session client-IP binding enforcement which may allow a session to be briefly reused from a new IP address before it is invali...

How severe is CVE-2025-62329?

CVE-2025-62329 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-62329?

Check the references section above for vendor advisories and patch information. Affected products include: Hcltechsw Hcl Devops Deploy, Hcltechsw Hcl Launch.