CVE-2020-14230

HCL Domino is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could exploit this vulnerability using a specially-crafted email message to hang the server. Versions previous to releases 9.0.1 FP10 IF6, 10.0.1 FP5 and 11.0.1 are affected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
HCLCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
hcltechdomino
𝑥
< 9.0.1
hcltechdomino
10.0.0 ≤
𝑥
< 10.0.1
hcltechdomino
11.0.0 ≤
𝑥
< 11.0.1
hcltechdomino
9.0.1
hcltechdomino
9.0.1:feature_pack_10_interim_fix_3
hcltechdomino
9.0.1:feature_pack_10_interim_fix_4
hcltechdomino
9.0.1:feature_pack_8
hcltechdomino
9.0.1:feature_pack_8_interim_fix_1
hcltechdomino
9.0.1:feature_pack_8_interim_fix_2
hcltechdomino
9.0.1:feature_pack_8_interim_fix_3
hcltechdomino
10.0.1
hcltechdomino
10.0.1:fix_pack_1
hcltechdomino
10.0.1:fix_pack_2
hcltechdomino
10.0.1:fix_pack_3
hcltechdomino
10.0.1:fix_pack_4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085303
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085303