CVE-2020-4126
MEDIUM
5,9
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none
MEDIUM
4,3
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: partial
Integrity: none
Availability: none
Description
AI Translation Available
HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0019
Percentile
0,4th
Updated
EPSS Score Trend (Last 90 Days)
311
Missing Encryption of Sensitive Data
DraftCommon Consequences
Security Scopes Affected:
Confidentiality
Integrity
Potential Impacts:
Read Application Data
Modify Application Data
Applicable Platforms
All platforms may be affected
Application
Hcl Inotes by Hcltech
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack3:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:11.0.1:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
Version Range Affected
From
9.0
(inclusive)
To
10.0.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack5:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:-:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
Version Range Affected
From
11.0.0
(inclusive)
To
11.0.1
(exclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Hcl Inotes by Hcltech
CPE Identifier
View Detailed Analysis
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack4:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085411
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085411