CVE-2020-4127 Information

Description

HCL Domino is susceptible to a Login CSRF vulnerability. With a valid credential, an attacker could trick a user into accessing a system under another ID, or use an intranet user’s system to access internal systems from the internet. Fixes are available in HCL Domino versions 9.0.1 FP10 IF6, 10.0.1 FP6, and 11.0.1 FP1 and later.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Reference

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085409

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

Base Score

6.5

Base Severity

MEDIUM
