Search criteria
12 vulnerabilities found for Nomad server on Domino by HCL Software
CVE-2024-30129 (GCVE-0-2024-30129)
Vulnerability from cvelistv5 – Published: 2024-12-06 15:57 – Updated: 2024-12-06 17:01
VLAI?
Title
HCL Nomad server on Domino is affected by a host header injection vulnerability
Summary
The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address.
Severity ?
5.3 (Medium)
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<1.0.14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hcltech:hcl_nomad:*:*:*:*:*:-:*:*"
],
"defaultStatus": "unknown",
"product": "hcl_nomad",
"vendor": "hcltech",
"versions": [
{
"lessThan": "1.0.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T16:48:55.323916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T17:01:53.834Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c1.0.14"
}
]
}
],
"datePublic": "2024-12-06T15:38:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address."
}
],
"value": "The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-644",
"description": "CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T15:57:41.869Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0117533"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL Nomad server on Domino is affected by a host header injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-30129",
"datePublished": "2024-12-06T15:57:41.869Z",
"dateReserved": "2024-03-22T23:57:23.589Z",
"dateUpdated": "2024-12-06T17:01:53.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30132 (GCVE-0-2024-30132)
Vulnerability from cvelistv5 – Published: 2024-10-01 12:10 – Updated: 2024-10-29 20:29
VLAI?
Title
Missing default HTTP security headers affect HCL Nomad server on Domino
Summary
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors.
Severity ?
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<1.0.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T13:16:03.731292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T20:29:13.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c1.0.13"
}
]
}
],
"datePublic": "2024-10-01T12:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors. \u0026nbsp;"
}
],
"value": "HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL."
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T12:12:13.009Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0116298"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing default HTTP security headers affect HCL Nomad server on Domino",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-30132",
"datePublished": "2024-10-01T12:10:08.679Z",
"dateReserved": "2024-03-22T23:57:23.589Z",
"dateUpdated": "2024-10-29T20:29:13.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23586 (GCVE-0-2024-23586)
Vulnerability from cvelistv5 – Published: 2024-09-27 21:20 – Updated: 2024-10-04 13:56
VLAI?
Title
An insufficient session timeout vulnerability affects HCL Nomad server on Domino
Summary
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information.
Severity ?
5.3 (Medium)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<1.0.13
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hcltech:nomad_server_on_domino:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nomad_server_on_domino",
"vendor": "hcltech",
"versions": [
{
"lessThan": "1.0.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T13:53:43.919681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T13:56:37.356Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c1.0.13"
}
]
}
],
"datePublic": "2024-09-27T21:13:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL Nomad is susceptible to an insufficient session expiration vulnerability. \u0026nbsp; Under certain circumstances, an unauthenticated attacker could obtain old session information. \u0026nbsp;"
}
],
"value": "HCL Nomad is susceptible to an insufficient session expiration vulnerability. \u00a0 Under certain circumstances, an unauthenticated attacker could obtain old session information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T21:20:29.383Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0115264"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An insufficient session timeout vulnerability affects HCL Nomad server on Domino",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-23586",
"datePublished": "2024-09-27T21:20:29.383Z",
"dateReserved": "2024-01-18T07:30:10.662Z",
"dateUpdated": "2024-10-04T13:56:37.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30128 (GCVE-0-2024-30128)
Vulnerability from cvelistv5 – Published: 2024-09-25 14:42 – Updated: 2024-09-25 15:34
VLAI?
Title
An open proxy vulnerability affects HCL Nomad server on Domino
Summary
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information.
Severity ?
8.6 (High)
CWE
- CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<1.0.13
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hcltech:nomad_server_on_domino:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nomad_server_on_domino",
"vendor": "hcltech",
"versions": [
{
"lessThan": "1.0.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:27:27.770959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-441",
"description": "CWE-441 Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:34:19.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c1.0.13"
}
]
}
],
"datePublic": "2024-09-25T14:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information."
}
],
"value": "HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL."
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T14:42:53.930Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0115504"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An open proxy vulnerability affects HCL Nomad server on Domino",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-30128",
"datePublished": "2024-09-25T14:42:53.930Z",
"dateReserved": "2024-03-22T23:57:23.589Z",
"dateUpdated": "2024-09-25T15:34:19.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30130 (GCVE-0-2024-30130)
Vulnerability from cvelistv5 – Published: 2024-07-19 00:03 – Updated: 2024-08-02 01:25
VLAI?
Title
HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability
Summary
HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information.
Severity ?
CWE
- CWE-525 - Use of Web Browser Cache Containing Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
< 1.0.12
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T17:18:47.714746Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:19:14.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:03.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114184"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.12"
}
]
}
],
"datePublic": "2024-07-18T23:57:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information.\u003cbr\u003e"
}
],
"value": "HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-525",
"description": "CWE-525 Use of Web Browser Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T00:03:13.207Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114184"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-30130",
"datePublished": "2024-07-19T00:03:13.207Z",
"dateReserved": "2024-03-22T23:57:23.589Z",
"dateUpdated": "2024-08-02T01:25:03.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23588 (GCVE-0-2024-23588)
Vulnerability from cvelistv5 – Published: 2024-07-05 13:08 – Updated: 2024-10-30 17:49
VLAI?
Title
A denial of service vulnerability affects HCL Nomad server on Domino
Summary
HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.
Severity ?
5.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<=1.0.11
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T14:01:49.102192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T17:49:03.929Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c=1.0.11"
}
]
}
],
"datePublic": "2024-07-05T12:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL."
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T13:08:46.782Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114193"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A denial of service vulnerability affects HCL Nomad server on Domino",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-23588",
"datePublished": "2024-07-05T13:08:46.782Z",
"dateReserved": "2024-01-18T07:30:10.662Z",
"dateUpdated": "2024-10-30T17:49:03.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30129 (GCVE-0-2024-30129)
Vulnerability from nvd – Published: 2024-12-06 15:57 – Updated: 2024-12-06 17:01
VLAI?
Title
HCL Nomad server on Domino is affected by a host header injection vulnerability
Summary
The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address.
Severity ?
5.3 (Medium)
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<1.0.14
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hcltech:hcl_nomad:*:*:*:*:*:-:*:*"
],
"defaultStatus": "unknown",
"product": "hcl_nomad",
"vendor": "hcltech",
"versions": [
{
"lessThan": "1.0.14",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T16:48:55.323916Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T17:01:53.834Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c1.0.14"
}
]
}
],
"datePublic": "2024-12-06T15:38:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address."
}
],
"value": "The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-644",
"description": "CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T15:57:41.869Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0117533"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL Nomad server on Domino is affected by a host header injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-30129",
"datePublished": "2024-12-06T15:57:41.869Z",
"dateReserved": "2024-03-22T23:57:23.589Z",
"dateUpdated": "2024-12-06T17:01:53.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30132 (GCVE-0-2024-30132)
Vulnerability from nvd – Published: 2024-10-01 12:10 – Updated: 2024-10-29 20:29
VLAI?
Title
Missing default HTTP security headers affect HCL Nomad server on Domino
Summary
HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors.
Severity ?
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<1.0.13
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T13:16:03.731292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T20:29:13.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c1.0.13"
}
]
}
],
"datePublic": "2024-10-01T12:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors. \u0026nbsp;"
}
],
"value": "HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL."
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T12:12:13.009Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0116298"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing default HTTP security headers affect HCL Nomad server on Domino",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-30132",
"datePublished": "2024-10-01T12:10:08.679Z",
"dateReserved": "2024-03-22T23:57:23.589Z",
"dateUpdated": "2024-10-29T20:29:13.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23586 (GCVE-0-2024-23586)
Vulnerability from nvd – Published: 2024-09-27 21:20 – Updated: 2024-10-04 13:56
VLAI?
Title
An insufficient session timeout vulnerability affects HCL Nomad server on Domino
Summary
HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information.
Severity ?
5.3 (Medium)
CWE
- CWE-613 - Insufficient Session Expiration
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<1.0.13
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hcltech:nomad_server_on_domino:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "nomad_server_on_domino",
"vendor": "hcltech",
"versions": [
{
"lessThan": "1.0.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23586",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-04T13:53:43.919681Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-04T13:56:37.356Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c1.0.13"
}
]
}
],
"datePublic": "2024-09-27T21:13:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL Nomad is susceptible to an insufficient session expiration vulnerability. \u0026nbsp; Under certain circumstances, an unauthenticated attacker could obtain old session information. \u0026nbsp;"
}
],
"value": "HCL Nomad is susceptible to an insufficient session expiration vulnerability. \u00a0 Under certain circumstances, an unauthenticated attacker could obtain old session information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T21:20:29.383Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0115264"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An insufficient session timeout vulnerability affects HCL Nomad server on Domino",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-23586",
"datePublished": "2024-09-27T21:20:29.383Z",
"dateReserved": "2024-01-18T07:30:10.662Z",
"dateUpdated": "2024-10-04T13:56:37.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30128 (GCVE-0-2024-30128)
Vulnerability from nvd – Published: 2024-09-25 14:42 – Updated: 2024-09-25 15:34
VLAI?
Title
An open proxy vulnerability affects HCL Nomad server on Domino
Summary
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information.
Severity ?
8.6 (High)
CWE
- CWE-441 - Unintended Proxy or Intermediary ('Confused Deputy')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<1.0.13
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hcltech:nomad_server_on_domino:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nomad_server_on_domino",
"vendor": "hcltech",
"versions": [
{
"lessThan": "1.0.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T15:27:27.770959Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-441",
"description": "CWE-441 Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T15:34:19.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c1.0.13"
}
]
}
],
"datePublic": "2024-09-25T14:35:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information."
}
],
"value": "HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL."
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T14:42:53.930Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0115504"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An open proxy vulnerability affects HCL Nomad server on Domino",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-30128",
"datePublished": "2024-09-25T14:42:53.930Z",
"dateReserved": "2024-03-22T23:57:23.589Z",
"dateUpdated": "2024-09-25T15:34:19.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30130 (GCVE-0-2024-30130)
Vulnerability from nvd – Published: 2024-07-19 00:03 – Updated: 2024-08-02 01:25
VLAI?
Title
HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability
Summary
HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information.
Severity ?
CWE
- CWE-525 - Use of Web Browser Cache Containing Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
< 1.0.12
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-30130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T17:18:47.714746Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:19:14.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:03.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114184"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.12"
}
]
}
],
"datePublic": "2024-07-18T23:57:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information.\u003cbr\u003e"
}
],
"value": "HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-525",
"description": "CWE-525 Use of Web Browser Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T00:03:13.207Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114184"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-30130",
"datePublished": "2024-07-19T00:03:13.207Z",
"dateReserved": "2024-03-22T23:57:23.589Z",
"dateUpdated": "2024-08-02T01:25:03.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23588 (GCVE-0-2024-23588)
Vulnerability from nvd – Published: 2024-07-05 13:08 – Updated: 2024-10-30 17:49
VLAI?
Title
A denial of service vulnerability affects HCL Nomad server on Domino
Summary
HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.
Severity ?
5.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HCL Software | Nomad server on Domino |
Affected:
<=1.0.11
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-08T14:01:49.102192Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T17:49:03.929Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:25.241Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114193"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Nomad server on Domino",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c=1.0.11"
}
]
}
],
"datePublic": "2024-07-05T12:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL."
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T13:08:46.782Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114193"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A denial of service vulnerability affects HCL Nomad server on Domino",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2024-23588",
"datePublished": "2024-07-05T13:08:46.782Z",
"dateReserved": "2024-01-18T07:30:10.662Z",
"dateUpdated": "2024-10-30T17:49:03.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}