Lucene search

HCLCVELIST:CVE-2020-4129

HistoryNov 30, 2020 - 11:46 p.m.

CVE-2020-4129

2020-11-3023:46:22

HCL

www.cve.org

hcl domino

ldap service

vulnerability

lockout policy bypass

unauthenticated attacker

brute force attack

fix available

version 9.0.1

version 10.0.1

version 11.0.1

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

38.5%

JSON

HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the LDAP service. Fixes are available in HCL Domino versions 9.0.1 FP10 IF6, 10.0.1 FP6 and 11.0.1 FP1 and later.

CNA Affected

[
  {
    "product": "HCL Domino",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "v9.0.1 FP10 IF6, v10.0.1 FP6, v11.0.1 FP1"
      }
    ]
  }
]

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085407