NotCVE - vendor:"Hcltech" product:"Domino" version:" >= 11.0.0

10 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2024-23562 – HCL Domino is susceptible to an information disclosure vulnerability

https://notcve.org/view.php?id=CVE-2024-23562

08 Jul 2024 — This vulnerability is being re-assessed. Vulnerability details will be updated. The security bulletin will be republished when further details are available. Una vulnerabilidad de seguridad en HCL Domino podría permitir la divulgación de información de configuración confidencial. Un atacante remoto no autenticado podría aprovechar esta vulnerabilidad para obtener información y lanzar más ataques contra el sistema afectado. A security vulnerability in HCL Domino could allow disclosure of sensitive configurat... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113822 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 0%CPEs: 31EXPL: 0

CVE-2022-38654 – HCL Domino is susceptible to an information disclosure vulnerability

https://notcve.org/view.php?id=CVE-2022-38654

04 Nov 2022 — HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record. HCL Domino es susceptible a una vulnerabilidad de divulgación de información. En algunos escenarios, las llamadas locales realizadas en el servidor para buscar en el directorio Domino ignorarán las restricciones de ... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101017 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 59EXPL: 0

CVE-2022-27547 – HCL iNotes is susceptible to a link to non-existent domain vulnerability.

https://notcve.org/view.php?id=CVE-2022-27547

29 Aug 2022 — HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc. HCL iNotes es susceptible de una vulnerabilidad de enlace a un dominio no existente. Un atacante podría usar esta vulnerabilidad para engañar a un usuario para que proporcione información confidencial como el nombre de usuario, la contraseña, el número de tarjeta de crédito, etc • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100212 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 8.3EPSS: 0%CPEs: 59EXPL: 0

CVE-2022-27546 – HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2022-27546

29 Aug 2022 — HCL iNotes is susceptible to a Reflected Cross-site Scripting (XSS) vulnerability caused by improper validation of user-supplied input supplied with a form POST request. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's web browser within the security context of the hosting web site and/or steal the victim's cookie-based authentication credentials. HCL iNotes es susceptible de sufrir una vulnerabilidad de tipo Cross-site Scripting (XSS) Reflejad... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100216 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1

CVE-2020-14273

https://notcve.org/view.php?id=CVE-2020-14273

28 Dec 2020 — HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. An unauthenticated attacker could could exploit this vulnerability to crash the Domino server. HCL Domino es susceptible de una vulnerabilidad de denegación de servicio (DoS) debido a la insuficiente validación de la entrada a su API pública. Un atacante no autenticado podría aprovechar esta vulnerabilidad para bloquear el servidor Domino • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085947 • CWE-20: Improper Input Validation •

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-14270

https://notcve.org/view.php?id=CVE-2020-14270

22 Dec 2020 — HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. An unauthenticated attacker could exploit this vulnerability to obtain information about the XPages software running on the Domino server. HCL Domino versiones v9, v10, v11 es susceptible a una vulnerabilidad de divulgación de información en XPages debido al manejo inapropiado de errores de la entrada del usuario. Un atacante no autenticado podría explotar esta vulne... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085881 • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0

CVE-2020-4080

https://notcve.org/view.php?id=CVE-2020-4080

18 Dec 2020 — HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated remote attacker could exploit this vulnerability using specially-crafted markup to execute script in a victim's web browser within the security context of the hosting Web site and/or steal the victim's cookie-based authentication credentials. HCL Verse versiones v10 y v11, es susceptible a una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado de... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085887 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-14260

https://notcve.org/view.php?id=CVE-2020-14260

02 Dec 2020 — HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the server system. HCL Domino es susceptible a una vulnerabilidad de desbordamiento de búfer en DXL debido a una comprobación inapropiada de la entrada de usuario. Una explotación con éxito podría permitir a un atacante bloquear Domino o ejecutar código controlado por un atacante en el sistema d... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085500 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0

CVE-2020-4128

https://notcve.org/view.php?id=CVE-2020-4128

01 Dec 2020 — HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the ID Vault service. HCL Domino, es susceptible a una vulnerabilidad de omisión de políticas de bloqueo en el servicio ID Vault. Un atacante no autenticado podría usar esta vulnerabilidad para montar un ataque de fuerza bruta contra el servicio ID Vault • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085408 •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

CVE-2020-14230

https://notcve.org/view.php?id=CVE-2020-14230

21 Nov 2020 — HCL Domino is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could exploit this vulnerability using a specially-crafted email message to hang the server. Versions previous to releases 9.0.1 FP10 IF6, 10.0.1 FP5 and 11.0.1 are affected. HCL Domino es susceptible a una vulnerabilidad de Denegación de Servicio causada por una comprobación inapropiada de la entrada suministrada por el usuario. Un atacante remoto no au... • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085303 • CWE-20: Improper Input Validation •