CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30129 – HCL Nomad server on Domino is affected by a host header injection vulnerability
https://notcve.org/view.php?id=CVE-2024-30129
06 Dec 2024 — The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0117533 • CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30132 – Missing default HTTP security headers affect HCL Nomad server on Domino
https://notcve.org/view.php?id=CVE-2024-30132
01 Oct 2024 — HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0116298 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23586 – An insufficient session timeout vulnerability affects HCL Nomad server on Domino
https://notcve.org/view.php?id=CVE-2024-23586
27 Sep 2024 — HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115264 • CWE-613: Insufficient Session Expiration •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30128 – An open proxy vulnerability affects HCL Nomad server on Domino
https://notcve.org/view.php?id=CVE-2024-30128
25 Sep 2024 — HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115504 • CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30130 – HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability
https://notcve.org/view.php?id=CVE-2024-30130
19 Jul 2024 — HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information. El servidor HCL Nomad en Domino es vulnerable al caché que contiene información confidencial, lo que potencialmente podría brindarle a un atacante la capacidad de adquirir información confidencial. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114184 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23588 – A denial of service vulnerability affects HCL Nomad server on Domino
https://notcve.org/view.php?id=CVE-2024-23588
05 Jul 2024 — HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability. El servidor HCL Nomad en Domino no maneja adecuadamente a los usuarios configurados con acceso limitado a Domino, lo que genera una posible vulnerabilidad de denegación de servicio. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193 •