Stack Buffer Overflow in HCL Notes Client Versions 9 and 10
CVE-2020-14268

9.8CRITICAL

Key Information:

Vendor: HCL Software
Status: Hcl Notes
Vendor: CVE Published:; 14 December 2020

Summary

A vulnerability exists in the MIME message handling component of the HCL Notes Client (versions 9 and 10) that could be exploited by an unauthenticated attacker. If successfully exploited, this vulnerability may lead to a stack buffer overflow, enabling an attacker to potentially crash the client or inject malicious code that executes with the same privileges as the client. It is crucial for users and organizations using affected versions to apply necessary patches and review security configurations to mitigate risks.

Affected Version(s)

HCL Notes v9, v10

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 14, 2020
Vulnerability Reserved
Jun 17, 2020