7.5
CVE-2024-30132
- EPSS 0.5%
- Veröffentlicht 01.10.2024 12:15:03
- Zuletzt bearbeitet 30.10.2025 18:15:31
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
LoginMissing default HTTP security headers affect HCL Nomad server on Domino
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hcltech ≫ Nomad Server On Domino Version < 1.0.13
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.5% | 0.654 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@hcl.com | 3.7 | 2.2 | 1.4 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-922 Insecure Storage of Sensitive Information
The product stores sensitive information without properly limiting read or write access by unauthorized actors.