CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23562 – HCL Domino is susceptible to an information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-23562
This vulnerability is being re-assessed. Vulnerability details will be updated. The security bulletin will be republished when further details are available. Una vulnerabilidad de seguridad en HCL Domino podría permitir la divulgación de información de configuración confidencial. Un atacante remoto no autenticado podría aprovechar esta vulnerabilidad para obtener información y lanzar más ataques contra el sistema afectado. A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113822 https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0116923 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23588 – A denial of service vulnerability affects HCL Nomad server on Domino
https://notcve.org/view.php?id=CVE-2024-23588
HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability. El servidor HCL Nomad en Domino no maneja adecuadamente a los usuarios configurados con acceso limitado a Domino, lo que genera una posible vulnerabilidad de denegación de servicio. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193 •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45716 – HCL Sametime is impacted by a sensitive information disclosure
https://notcve.org/view.php?id=CVE-2023-45716
Sametime is impacted by sensitive information passed in URL. Sametime se ve afectado por la información confidencial transmitida en la URL. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50349 – HCL Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2023-50349
Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. Some REST APIs in the Sametime Proxy application can allow an attacker to perform malicious actions on the application. Sametime se ve afectado por una vulnerabilidad de Cross Site Request Forgery (CSRF). Algunas API REST de la aplicación Sametime Proxy pueden permitir que un atacante realice acciones maliciosas en la aplicación. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109082 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-37528 – A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform
https://notcve.org/view.php?id=CVE-2023-37528
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attack to exploit an application parameter during execution of the Save Report. Vulnerabilidad de Cross-Site Scripting (XSS) en el componente Web Reports de HCL BigFix Platform posiblemente pueda permitir que un ataque explote un parámetro de la aplicación durante la ejecución de Save Report. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110209 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •