CVE-2020-4107
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, denial of service, or information disclosure.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HCL Software | HCL Domino | 9, 10 and 11 | affected |
Weaknesses
- CWE-284: CWE-284 Improper Access Control
Workarounds
Supported releases prior to 11.0.1 Fixpack 3 can use the following notes.ini setting to enable protection from this vulnerability:
SharedMemoryAllowOnly=1
Note that enabling this protection can impact some activities, see additional information in article, KB0090343. https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0090343
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.