Vulnerabilities > CVE-2020-14268 - Out-of-bounds Write vulnerability in Hcltech Notes

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

hcltech

CWE-787

critical

NVD

Published: 2020-12-14

Updated: 2020-12-15

Summary

A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This could allow a remote attacker to crash the client or inject code into the system which would execute with the privileges of the client.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Notes 9.0.1 Hcltech Notes 10.0.1 Hcltech Notes 9.0 Hcltech Notes 10.0 Hcltech Notes 10.0.0	38

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085762