CVE-2020-14234

Description

HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected.

Related CPE's

ahcltechdomino********

vulnerable

ahcltechdomino9.0.1-******

vulnerable

ahcltechdomino9.0.1feature_pack_10_interim_fix_3******

vulnerable

ahcltechdomino9.0.1feature_pack_10_interim_fix_4******

vulnerable

ahcltechdomino9.0.1feature_pack_10_interim_fix_5******

vulnerable

ahcltechdomino9.0.1feature_pack_8******

vulnerable

ahcltechdomino9.0.1feature_pack_8_interim_fix_1******

vulnerable

ahcltechdomino9.0.1feature_pack_8_interim_fix_2******

vulnerable

ahcltechdomino9.0.1feature_pack_8_interim_fix_3******

vulnerable

ahcltechdomino********

vulnerable

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302

Patch

Vendor Advisory

CvssV3 impact

BaseSeverity

HIGH

ConfidentialityImpact

NONE

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

NETWORK

AvailabilityImpact

HIGH

IntegrityImpact

NONE

PrivilegesRequired

NONE

BaseScore

7.5

VectorString

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Version

3.1

UserInteraction

NONE

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

NONE

AvailabilityImpact

PARTIAL

IntegrityImpact

NONE

BaseScore

5

VectorString

AV:N/AC:L/Au:N/C:N/I:N/A:P

Version

2.0

AccessVector

NETWORK

Authentication

NONE