CVE-2020-4092

Опубликовано: 06 мая 2020

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

"If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the setting to request an encrypted communication channel with the Domino server. This can potentially expose sensitive information including but not limited to server names, user IDs and document content."

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0078969
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0078969
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hcltech:hcl_nomad:1.0:*:*:*:*:android:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0:*:*:*:*:iphone_os:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.1:*:*:*:*:android:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.1:*:*:*:*:iphone_os:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.2:*:*:*:*:android:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.2:*:*:*:*:iphone_os:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.3:*:*:*:*:android:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.3:*:*:*:*:iphone_os:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.4:*:*:*:*:android:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.4:*:*:*:*:iphone_os:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.5:*:*:*:*:android:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.5:*:*:*:*:iphone_os:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.6:*:*:*:*:iphone_os:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.7:*:*:*:*:iphone_os:*:*

cpe:2.3:a:hcltech:hcl_nomad:1.0.8:*:*:*:*:iphone_os:*:*

EPSS

Процентиль: 19%

0.0006

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-319

Связанные уязвимости

GHSA-fc6g-9746-9j7g

github

больше 3 лет назад