Details of VAR-202407-0353

ID

VAR-202407-0353

CVE

CVE-2024-23562

TITLE

HCL Technologies Limited of Domino server Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-004128

DESCRIPTION

A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information. A remote unauthenticated attacker could exploit this vulnerability to obtain information to launch further attacks against the affected system. HCL Technologies Limited of Domino server Exists in unspecified vulnerabilities.Information may be obtained

Trust: 1.62

sources: NVD: CVE-2024-23562 // JVNDB: JVNDB-2024-004128

AFFECTED PRODUCTS

vendor:	hcltech	model:	domino	scope:	eq	version:	12.0	Trust: 1.0
vendor:	hcltech	model:	domino	scope:	eq	version:	14.0	Trust: 1.0
vendor:	hcltech	model:	domino	scope:	eq	version:	11.0	Trust: 1.0
vendor:	hcl	model:	domino server	scope:	eq	version:	11.0	Trust: 0.8
vendor:	hcl	model:	domino server	scope:	eq	version:	-	Trust: 0.8
vendor:	hcl	model:	domino server	scope:	eq	version:	12.0	Trust: 0.8
vendor:	hcl	model:	domino server	scope:	eq	version:	14.0	Trust: 0.8
vendor:	hcl	model:	domino server	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2024-004128 // NVD: CVE-2024-23562

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2024-23562
value:	HIGH
Trust: 1.0
psirt@hcl.com:	CVE-2024-23562
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2024-23562
value:	HIGH
Trust: 0.8

nvd@nist.gov:	CVE-2024-23562
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
psirt@hcl.com:	CVE-2024-23562
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2024-23562
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-004128 // NVD: CVE-2024-23562 // NVD: CVE-2024-23562

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-200	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-004128 // NVD: CVE-2024-23562

EXTERNAL IDS

db:	NVD	id:	CVE-2024-23562	Trust: 2.6
db:	JVNDB	id:	JVNDB-2024-004128	Trust: 0.8

sources: JVNDB: JVNDB-2024-004128 // NVD: CVE-2024-23562

REFERENCES

url:	https://support.hcl-software.com/csm?id=kb_article&sysparm_article=kb0116923	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2024-23562	Trust: 0.8

sources: JVNDB: JVNDB-2024-004128 // NVD: CVE-2024-23562

SOURCES

db:	JVNDB	id:	JVNDB-2024-004128
db:	NVD	id:	CVE-2024-23562

LAST UPDATE DATE

2024-10-24T22:58:04.881000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2024-004128	date:	2024-07-12T00:49:00
db:	NVD	id:	CVE-2024-23562	date:	2024-10-23T23:15:12.397

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2024-004128	date:	2024-07-12T00:00:00
db:	NVD	id:	CVE-2024-23562	date:	2024-07-08T16:15:07.797