CVE-2020-4089
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/06/2020
Last modified:
21/07/2021
Description
HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network filesystems being leaked to a third party. All versions of HCL Notes 9, 10 and 11 are affected.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:hcltech:notes:9.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:hcltech:notes:10.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:hcltech:notes:11.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page