Описание
HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later.
Уязвимые конфигурации
Конфигурация 1Версия от 9.0 (включая) до 10.0.1 (исключая)Версия от 11.0.0 (включая) до 11.0.1 (исключая)
Одно из
cpe:2.3:a:hcltech:hcl_inotes:*:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:*:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:-:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack1:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack2:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack3:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack4:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:10.0.1:fixpack5:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:11.0.1:-:*:*:*:*:*:*
cpe:2.3:a:hcltech:hcl_inotes:11.0.1:fixpack1:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00185
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-311
Связанные уязвимости
github
больше 3 лет назад
HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later.
EPSS
Процентиль: 40%
0.00185
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-311