CVE-2020-4126

5.9MEDIUM

Key Information:

Vendor: HCL Software
Status: Hcl Inotes
Vendor: CVE Published:; 1 December 2020

Summary

HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later.

Affected Version(s)

HCL iNotes v10.0.1 FP6, v11.0.1 FP2 and later

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 1, 2020
Vulnerability Reserved
Dec 30, 2019