CVE-2025-31991
EUVD-2025-20942113.04.2026, 16:16
Rate Limiting for attempting a user login is not being properly enforced, making HCL DevOps Velocity susceptible to brute-force attacks past the unsuccessful login attempt limit. This vulnerability is fixed in 5.1.7.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| hcltech | devops_velocity | 𝑥 < 5.1.7 |
𝑥
= Vulnerable software versions