HCL Domino Security Vulnerability Could Lead to Sensitive Configuration Information Disclosure
CVE-2024-23562

7.5HIGH

Key Information:

Vendor: Hcl Software
Status: Domino Server
Vendor: CVE Published:; 8 July 2024

Summary

A security vulnerability has been identified in HCL Domino, allowing remote unauthenticated attackers to potentially expose sensitive configuration information. By exploiting this flaw, attackers may gather critical insights to launch further targeted attacks on the affected systems, posing significant risks to data integrity and system security.

Affected Version(s)

Domino Server 11, 12, 14

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 8, 2024
Vulnerability Reserved
Jan 18, 2024

Credit

Christopher O’Boyle – Synopsys Cybersecurity Research Center (CyRC) Researcher