CVE-2020-14234

EPSS 0.46%
Published 21.11.2020 18:15:11
Last modified 21.11.2024 05:02:54
Source psirt@hcl.com
Teams watchlist Login
Open Login

HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Hcltech ≫ Domino Version < 9.0.1

Hcltech ≫ Domino Version >= 10.0.0 < 10.0.1

Hcltech ≫ Domino Version9.0.1 Update-

Hcltech ≫ Domino Version9.0.1 Updatefeature_pack_10_interim_fix_3

Hcltech ≫ Domino Version9.0.1 Updatefeature_pack_10_interim_fix_4

Hcltech ≫ Domino Version9.0.1 Updatefeature_pack_10_interim_fix_5

Hcltech ≫ Domino Version9.0.1 Updatefeature_pack_8

Hcltech ≫ Domino Version9.0.1 Updatefeature_pack_8_interim_fix_1

Hcltech ≫ Domino Version9.0.1 Updatefeature_pack_8_interim_fix_2

Hcltech ≫ Domino Version9.0.1 Updatefeature_pack_8_interim_fix_3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.46%	0.61

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-14234

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-14234

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-14234

EUVD