CVE-2022-27558

Summary

HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could allow users to set weak passwords, leading to easier cracking.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL iNotes12.0.1, 12.0.1FP1affected

Weaknesses

  • CWE-521: CWE-521 Weak Password Requirements

ADP Enrichment

CVE Program Container

Additional References

References