HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.