Hcl Software Hcl Domino vulnerabilities
3 known vulnerabilities affecting hcl_software/hcl_domino.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-38660P3HIGHCVSS 8.8vv92022-11-04
CVE-2022-38660 [HIGH] CWE-352 CVE-2022-38660: HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An un
HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user.
nvd
CVE-2020-4107P3HIGHCVSS 7.8v9, 10 and 112022-05-19
CVE-2020-4107 [HIGH] CWE-284 CVE-2020-4107: HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker wi
HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, denial of service, or information disclosure.
nvd
CVE-2022-38654P4MEDIUMCVSS 5.5v9, 10, 11, 122022-11-04
CVE-2022-38654 [MEDIUM] CWE-200 CVE-2022-38654: HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local call
HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.
nvd