CVE-2020-4089

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/06/2020
Last modified:
21/07/2021

Description

HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network filesystems being leaked to a third party. All versions of HCL Notes 9, 10 and 11 are affected.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:hcltech:notes:9.0:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:notes:10.0:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:notes:11.0:*:*:*:*:*:*:*