CVE-2020-4089

Summary

HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network filesystems being leaked to a third party. All versions of HCL Notes 9, 10 and 11 are affected.

Affected Software

VendorProductVersion RangeStatus
HCLHCL NotesAll versions of HCL Notes v9affected
HCLHCL NotesAll versions of HCL Notes v10affected
HCLHCL NotesAll versions of HCL Notes v11affected

Weaknesses

  • "Information Leakage"

ADP Enrichment

CVE Program Container

Additional References

References