Description

HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could exploit this vulnerability using a specially-crafted email message to hang the client. Versions 9, 10 and 11 are affected.

Related CPE's

a

hcltech

notes

3

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085304

PatchVendor Advisory

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085304

PatchVendor Advisory

Weaknesses

[email protected]

Primary
CWE-20

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2020-11-21T17:15:11.743Z

5 years ago

Last modified

2024-11-21T04:02:55.167Z

1 year ago