Vulnerability CVE-2020-4102


Published: 2020-12-02

Description:
HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Notes or execute attacker-controlled code on the client system.

Type:

CWE-120

(Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Hcltech -> Notes 

 References:
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085499

Copyright 2024, cxsecurity.com

 

Back to Top