Vulnerabilities > CVE-2020-14270 - Improper Handling of Exceptional Conditions vulnerability in Hcltech Domino

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

hcltech

CWE-755

NVD

Published: 2020-12-22

Updated: 2021-07-21

Summary

HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. An unauthenticated attacker could exploit this vulnerability to obtain information about the XPages software running on the Domino server.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Domino 10.0.1 Hcltech Domino 9.0.1 Hcltech Domino 10.0 Hcltech Domino 10.0.0 Hcltech Domino 11.0.1 Hcltech Domino 11.0.0	26

Common Weakness Enumeration (CWE)

CWE-755 - Improper Handling of Exceptional Conditions

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085881