Insufficient Default Configuration in HCL Leap Allows Unauthorized Access
CVE-2023-45721

5.3MEDIUM

Key Information:

Vendor: HCL Software Software
Status: HCL Software Domino Leap
Vendor: CVE Published:; 30 April 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2023-45721?

The insufficient default configuration in HCL Leap allows for anonymous access to critical directory information, potentially exposing sensitive data to unauthorized users. This vulnerability can lead to data breaches and unauthorized manipulation of the system, emphasizing the need for proper security configurations to mitigate risks associated with unauthorized access.

Affected Version(s)

HCL Domino Leap 1.0 - 1.0.5; 1.1 - 1.1.3

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2025