Denial of Service Vulnerability in HCL Domino
CVE-2020-14230

7.5HIGH

Key Information:

Vendor: HCL Software
Status: Hcl Domino
Vendor: CVE Published:; 21 November 2020

Summary

HCL Domino is vulnerable to a Denial of Service flaw that arises from inadequate validation of user-supplied input. This vulnerability can be exploited by remote unauthenticated attackers who send specially-crafted email messages, potentially causing the server to hang and disrupt service. It is critical for users running versions prior to 9.0.1 FP10 IF6, 10.0.1 FP5, and 11.0.1 to take immediate action to mitigate this risk.

Affected Version(s)

HCL Domino versions previous to releases 9.0.1 FP10 IF6

HCL Domino 10.0.1 FP5

HCL Domino 11.0.1

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 21, 2020
Vulnerability Reserved
Jun 17, 2020