cbcvebase.
CVE-2022-38654
published 2022-11-04

CVE-2022-38654: HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will…

PriorityP423medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EPSS
0.18%
8.2th percentile
HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.

Affected

6 ranges
VendorProductVersion rangeFixed in
hcl_softwarehcl_domino
hcltechdomino
hcltechdomino
hcltechdomino
hcltechdomino
hcltechdomino
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.