Vulnerability in Hcltech Hcl_inotes
CVE-2020-4126
HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and…
EPSS: 0.007 (47.1th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Hcltech Hcl_inotes — versions 10.0.1, 11.0.1
- N/a Hcl Inotes — versions v10.0.1 FP6, v11.0.1 FP2 and later
Weakness classification (CWE)
References
- psirt@hcl.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-4126?
- CVE-2020-4126 is a medium-severity vulnerability in Hcltech Hcl_inotes, classified under Missing Encryption of Sensitive Data. CVSS score: 5.9/10. Published 2020-12-01.
- How severe is CVE-2020-4126?
- Medium severity. CVSS v3 base score is 5.9 out of 10.