Vulnerabilities > CVE-2020-4089 - Unspecified vulnerability in Hcltech Notes 10.0/11.0/9.0

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

hcltech

NVD

Published: 2020-06-26

Updated: 2021-07-21

Summary

HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network filesystems being leaked to a third party. All versions of HCL Notes 9, 10 and 11 are affected.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Notes 9.0 Hcltech Notes 11.0 Hcltech Notes 10.0	3

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080343