CVE-2024-30129
- EPSS 0.11%
- Published 06.12.2024 16:15:20
- Last modified 06.12.2024 16:15:20
The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address.
CVE-2024-23586
- EPSS 0.19%
- Published 27.09.2024 22:15:12
- Last modified 07.10.2024 15:30:56
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information.
CVE-2023-23342
- EPSS 0.06%
- Published 10.08.2023 19:15:09
- Last modified 21.11.2024 07:46:00
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented.
CVE-2020-4092
- EPSS 0.06%
- Published 06.05.2020 13:15:14
- Last modified 21.11.2024 05:32:16
"If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the setting to request an encrypted communication channel wit...