CVE-2022-27547 (GCVE-0-2022-27547)

Vulnerability from cvelistv5 – Published: 2022-08-29 16:00 – Updated: 2024-09-17 02:01
VLAI?
Summary
HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc.
Severity ?
6.1 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
CWE
  • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
HCL
References
Impacted products
Vendor Product Version
HCL Software HCL iNotes Affected: 9, 10, 11, 12
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:32:59.793Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100212"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "HCL iNotes",
          "vendor": "HCL Software",
          "versions": [
            {
              "status": "affected",
              "version": "9, 10, 11, 12"
            }
          ]
        }
      ],
      "datePublic": "2022-08-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-29T16:00:28",
        "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "shortName": "HCL"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100212"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "HCL iNotes is susceptible to a link to non-existent domain vulnerability.",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@hcl.com",
          "DATE_PUBLIC": "2022-08-24T19:18:00.000Z",
          "ID": "CVE-2022-27547",
          "STATE": "PUBLIC",
          "TITLE": "HCL iNotes is susceptible to a link to non-existent domain vulnerability."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "HCL iNotes",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "9, 10, 11, 12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "HCL Software"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100212",
              "refsource": "MISC",
              "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100212"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
    "assignerShortName": "HCL",
    "cveId": "CVE-2022-27547",
    "datePublished": "2022-08-29T16:00:28.303270Z",
    "dateReserved": "2022-03-21T00:00:00",
    "dateUpdated": "2024-09-17T02:01:17.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"208ABCA3-9B6B-4EEB-82AB-63E51B0694C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF0007DB-2AC2-481C-AE80-520BF47182D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"17D094C3-FBE2-4890-87AE-F1DB22564B53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABED4B62-2D70-4693-8195-639D9E013AAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB3D516A-593C-42E8-A9BC-0F7FEF17CD6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"3432DA33-2147-47B9-9F8E-4CD12AF73B76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8436BBE-224D-4E6A-B8D1-C778749B7EA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"4775916C-8806-41FD-9B82-D6D0163BB0F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_9:*:*:*:*:*:*\", \"matchCriteriaId\": \"A952F356-3A08-4A19-B716-03A7CD46C68E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"028F0C13-A975-4DAE-B578-40AFA7FABEE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DB5111E-B70F-475F-A23D-DF08FD1AB97E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1D927FD-BD55-4FD4-9212-C8108B69D7ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D8203EA-5986-47EB-AB05-EFE068C3B34C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"BACEE95B-6B63-4734-97A9-2CAEEFA01187\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"7240C49C-F627-4C24-BF8D-35D9E32CA7EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"A030CB7F-B219-4497-8A87-46BA5A2038F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CBADD58-2E61-48D0-A1B8-1C725FCD907D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"18A495DC-905C-4421-A6FE-EF6655098DA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD32C7F1-9B97-47DF-A09C-766DC5D58164\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BECB00A0-AD89-4E44-B758-45AA5C596018\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"2433DEDD-8650-4B01-85B9-92F5D1446030\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"054C377C-7B4E-4825-B567-D85232EEDF09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1BFC253-23A1-42BE-A786-12D8A51862F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"85C8610A-7365-4B3C-AACD-932A9EEF3F75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BDDC0D0-D7C2-4487-AEB1-39B40DAC68CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"00BC19F7-8098-43D4-97C3-8CA1A63A94B8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B897EE8-EFCD-4D1C-9B83-96BDB596DF52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:12.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CD07D2A-E283-48C8-B110-95D656CF953A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:hcl_inotes:12.0.1:fixpack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"3AF3FF6F-3E3F-44D5-9B8F-E0784A5B376F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F1C7C9C-2F6E-4A82-BC16-B04E53B11E20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E0BF886-B732-4210-82AA-4D2B3F77132B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"866FCD8A-56FE-4D00-A9F6-F83D3400CF91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F8486D8-494D-45B0-8447-F1EDB8C2F8A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"19CC1B88-ED3D-4AD0-8B06-C75D198E1BB3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"C76546DF-A75A-489C-80D8-D1372F2FF586\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"C49C0CA8-485E-4748-A5D5-C3B5FF98381E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C1D2585-833B-4A5A-AAF3-3215C52FE73A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAAE216E-780B-48A7-89D9-6FB8E799B78C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_9:*:*:*:*:*:*\", \"matchCriteriaId\": \"A44BBF13-7FCF-4CD9-8EA7-C20CA701B8BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"908469B9-3B65-400D-A043-6B907B6151EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC5EB2B8-9B48-4E9B-9726-71E4A6CCFA99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D81AF106-7E8D-4B32-8F63-BD361E2E9508\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"67E40E37-09A5-4BBD-9602-3B72B9A3885F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"656627F5-4DE4-41FE-9A6E-34D45C6B2639\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"37E5C137-6124-4543-83BC-12BE6BB20309\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F7DE084-A236-4ED8-B8A9-EBE2D0ACF580\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"907DF79A-A607-4F3A-9C7E-1FB028B34001\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EA72598-85D1-4341-A865-1E6E278F4185\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CC3C391-12CB-4DDB-B33E-A2020A738EA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F7B561B-79F9-45E1-901F-B0976DD7C9AE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:11.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D792E4C-170B-4E6E-8808-EFDB3DF42417\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"479BE6F6-9947-4261-8685-E6357ED90CD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C63BD98F-1ADD-494D-B05A-45B86351F0D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"51F750D7-3CE2-48CA-8D13-006E9CA3E383\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"93202EFB-89DD-49B1-9E29-77145F6A43F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"B65E88C8-173C-40BE-87A3-E3512EBB7C9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09FF8200-5500-420F-93DF-7F7708E76300\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:12.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A3A3354-D9B3-43CA-8BB1-D9F3E73FD6F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:hcltech:domino:12.0.1:fixpack_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"1841C21B-AA17-403F-B054-8C1FF8208173\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc.\"}, {\"lang\": \"es\", \"value\": \"HCL iNotes es susceptible de una vulnerabilidad de enlace a un dominio no existente. Un atacante podr\\u00eda usar esta vulnerabilidad para enga\\u00f1ar a un usuario para que proporcione informaci\\u00f3n confidencial como el nombre de usuario, la contrase\\u00f1a, el n\\u00famero de tarjeta de cr\\u00e9dito, etc\"}]",
      "id": "CVE-2022-27547",
      "lastModified": "2024-11-21T06:55:56.800",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@hcl.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 4.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N\", \"baseScore\": 7.4, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 4.0}]}",
      "published": "2022-08-29T16:15:08.507",
      "references": "[{\"url\": \"https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100212\", \"source\": \"psirt@hcl.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100212\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@hcl.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@hcl.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-601\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-601\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-27547\",\"sourceIdentifier\":\"psirt@hcl.com\",\"published\":\"2022-08-29T16:15:08.507\",\"lastModified\":\"2024-11-21T06:55:56.800\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use this vulnerability to trick a user into supplying sensitive information such as username, password, credit card number, etc.\"},{\"lang\":\"es\",\"value\":\"HCL iNotes es susceptible de una vulnerabilidad de enlace a un dominio no existente. Un atacante podr\u00eda usar esta vulnerabilidad para enga\u00f1ar a un usuario para que proporcione informaci\u00f3n confidencial como el nombre de usuario, la contrase\u00f1a, el n\u00famero de tarjeta de cr\u00e9dito, etc\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@hcl.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"psirt@hcl.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"208ABCA3-9B6B-4EEB-82AB-63E51B0694C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0007DB-2AC2-481C-AE80-520BF47182D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D094C3-FBE2-4890-87AE-F1DB22564B53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABED4B62-2D70-4693-8195-639D9E013AAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB3D516A-593C-42E8-A9BC-0F7FEF17CD6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"3432DA33-2147-47B9-9F8E-4CD12AF73B76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8436BBE-224D-4E6A-B8D1-C778749B7EA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"4775916C-8806-41FD-9B82-D6D0163BB0F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:9.0.1:fixpack_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"A952F356-3A08-4A19-B716-03A7CD46C68E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"028F0C13-A975-4DAE-B578-40AFA7FABEE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DB5111E-B70F-475F-A23D-DF08FD1AB97E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1D927FD-BD55-4FD4-9212-C8108B69D7ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8203EA-5986-47EB-AB05-EFE068C3B34C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BACEE95B-6B63-4734-97A9-2CAEEFA01187\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7240C49C-F627-4C24-BF8D-35D9E32CA7EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A030CB7F-B219-4497-8A87-46BA5A2038F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CBADD58-2E61-48D0-A1B8-1C725FCD907D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"18A495DC-905C-4421-A6FE-EF6655098DA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD32C7F1-9B97-47DF-A09C-766DC5D58164\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BECB00A0-AD89-4E44-B758-45AA5C596018\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2433DEDD-8650-4B01-85B9-92F5D1446030\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"054C377C-7B4E-4825-B567-D85232EEDF09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1BFC253-23A1-42BE-A786-12D8A51862F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"85C8610A-7365-4B3C-AACD-932A9EEF3F75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BDDC0D0-D7C2-4487-AEB1-39B40DAC68CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"00BC19F7-8098-43D4-97C3-8CA1A63A94B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B897EE8-EFCD-4D1C-9B83-96BDB596DF52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:12.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CD07D2A-E283-48C8-B110-95D656CF953A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:hcl_inotes:12.0.1:fixpack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AF3FF6F-3E3F-44D5-9B8F-E0784A5B376F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F1C7C9C-2F6E-4A82-BC16-B04E53B11E20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E0BF886-B732-4210-82AA-4D2B3F77132B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"866FCD8A-56FE-4D00-A9F6-F83D3400CF91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F8486D8-494D-45B0-8447-F1EDB8C2F8A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"19CC1B88-ED3D-4AD0-8B06-C75D198E1BB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C76546DF-A75A-489C-80D8-D1372F2FF586\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"C49C0CA8-485E-4748-A5D5-C3B5FF98381E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C1D2585-833B-4A5A-AAF3-3215C52FE73A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAAE216E-780B-48A7-89D9-6FB8E799B78C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:9.0.1:fixpack_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"A44BBF13-7FCF-4CD9-8EA7-C20CA701B8BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"908469B9-3B65-400D-A043-6B907B6151EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5EB2B8-9B48-4E9B-9726-71E4A6CCFA99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D81AF106-7E8D-4B32-8F63-BD361E2E9508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"67E40E37-09A5-4BBD-9602-3B72B9A3885F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"656627F5-4DE4-41FE-9A6E-34D45C6B2639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"37E5C137-6124-4543-83BC-12BE6BB20309\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F7DE084-A236-4ED8-B8A9-EBE2D0ACF580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"907DF79A-A607-4F3A-9C7E-1FB028B34001\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EA72598-85D1-4341-A865-1E6E278F4185\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:10.0.1:fixpack_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CC3C391-12CB-4DDB-B33E-A2020A738EA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F7B561B-79F9-45E1-901F-B0976DD7C9AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:11.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D792E4C-170B-4E6E-8808-EFDB3DF42417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"479BE6F6-9947-4261-8685-E6357ED90CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C63BD98F-1ADD-494D-B05A-45B86351F0D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"51F750D7-3CE2-48CA-8D13-006E9CA3E383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"93202EFB-89DD-49B1-9E29-77145F6A43F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:11.0.1:fixpack_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B65E88C8-173C-40BE-87A3-E3512EBB7C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09FF8200-5500-420F-93DF-7F7708E76300\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:12.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A3A3354-D9B3-43CA-8BB1-D9F3E73FD6F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hcltech:domino:12.0.1:fixpack_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1841C21B-AA17-403F-B054-8C1FF8208173\"}]}]}],\"references\":[{\"url\":\"https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100212\",\"source\":\"psirt@hcl.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0100212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.