Lucene search

HCLVULNRICHMENT:CVE-2024-23562

HistoryJul 08, 2024 - 3:57 p.m.

CVE-2024-23562 HCL Domino is susceptible to an information disclosure vulnerability

2024-07-0815:57:08

HCL

github.com

hcl domino

information disclosure

vulnerability

remote attacker

sensitive information

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

37.4%

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

This vulnerability is being re-assessed. Vulnerability details will be updated.
The security bulletin will be republished when further details are available.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:hcltech:domino:-:*:*:*:*:*:*:*"
    ],
    "vendor": "hcltech",
    "product": "domino",
    "versions": [
      {
        "status": "unknown",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "10.0"
      },
      {
        "status": "affected",
        "version": "11.0"
      },
      {
        "status": "affected",
        "version": "12.0"
      },
      {
        "status": "affected",
        "version": "14.0"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113822

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

37.4%

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2024-23562