CVE-2020-14234 - Vulnerability Details

Vendors	Products
Hcltech	Domino

Link	Providers
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "HCL Domino", "vendor": "HCL", "versions": [{"status": "affected", "version": "versions previous to release 9.0.1 FP10 IF6"}, {"status": "affected", "version": "release 10.0.1"}]}], "descriptions": [{"lang": "en", "value": "HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected."}], "problemTypes": [{"descriptions": [{"description": "\"Denial of Service \"", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-21T17:05:15", "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@hcl.com", "ID": "CVE-2020-14234", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HCL Domino", "version": {"version_data": [{"version_value": "versions previous to release 9.0.1 FP10 IF6"}, {"version_value": "release 10.0.1"}]}}]}, "vendor_name": "HCL"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "\"Denial of Service \""}]}]}, "references": {"reference_data": [{"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302", "refsource": "CONFIRM", "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:39:36.217Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302"}]}]}, "cveMetadata": {"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "assignerShortName": "HCL", "cveId": "CVE-2020-14234", "datePublished": "2020-11-21T17:05:15", "dateReserved": "2020-06-17T00:00:00", "dateUpdated": "2024-08-04T12:39:36.217Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : HCL Domino (string)

vendor : HCL (string)

versions : [ »

0 : { »

status : affected (string)

version : versions previous to release 9.0.1 FP10 IF6 (string)

}

1 : { »

status : affected (string)

version : release 10.0.1 (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : "Denial of Service " (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-11-21T17:05:15 (string)

orgId : 1e47fe04-f25f-42fa-b674-36de2c5e3cfc (string)

shortName : HCL (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@hcl.com (string)

ID : CVE-2020-14234 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : HCL Domino (string)

version : { »

version_data : [ »

0 : { »

version_value : versions previous to release 9.0.1 FP10 IF6 (string)

}

1 : { »

version_value : release 10.0.1 (string)

}

]

}

]

}

vendor_name : HCL (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : "Denial of Service " (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302 (string)

refsource : CONFIRM (string)

url : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T12:39:36.217Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 1e47fe04-f25f-42fa-b674-36de2c5e3cfc (string)

assignerShortName : HCL (string)

cveId : CVE-2020-14234 (string)

datePublished : 2020-11-21T17:05:15 (string)

dateReserved : 2020-06-17T00:00:00 (string)

dateUpdated : 2024-08-04T12:39:36.217Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:domino:*:*:*:*:*:*:*:*", "matchCriteriaId": "EA96995E-99EC-4260-A329-B4137AFBEB6B", "versionEndExcluding": "9.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CB117EF-6AE5-4323-9ACF-01DE2C92182D", "versionEndExcluding": "10.0.1", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:9.0.1:-:*:*:*:*:*:*", "matchCriteriaId": "4E0BF886-B732-4210-82AA-4D2B3F77132B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_3:*:*:*:*:*:*", "matchCriteriaId": "2D00AC8D-4E35-49F4-B0EE-C03E1EE67B8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_4:*:*:*:*:*:*", "matchCriteriaId": "0FBD1792-01BA-402A-859E-531F7614C9A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_5:*:*:*:*:*:*", "matchCriteriaId": "DB652BE0-5767-4D42-A618-1315243A5C52", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8:*:*:*:*:*:*", "matchCriteriaId": "F3D799A2-AC87-43E8-A6A2-E76E1535A7C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_1:*:*:*:*:*:*", "matchCriteriaId": "9C9A93C4-70E8-472D-A038-14F72780E02F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_2:*:*:*:*:*:*", "matchCriteriaId": "442C02A0-0232-488A-8A66-62386FFBC807", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_3:*:*:*:*:*:*", "matchCriteriaId": "A349B3BD-CB3D-4290-BE9E-8FFA68C3512B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected."}, {"lang": "es", "value": "HCL Domino es susceptible a una vulnerabilidad de Denegaci\u00f3n de Servicio debido a una comprobaci\u00f3n inapropiada de la entrada suministrada por el usuario, d\u00e1ndole potencialmente al atacante la capacidad de bloquear el servidor.&#xa0;Versiones anteriores a versi\u00f3n 9.0.1 FP10 IF6 y versi\u00f3n 10.0.1 est\u00e1n afectadas"}], "id": "CVE-2020-14234", "lastModified": "2024-11-21T05:02:54.227", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-21T18:15:11.680", "references": [{"source": "psirt@hcl.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302"}], "sourceIdentifier": "psirt@hcl.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:hcltech:domino:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EA96995E-99EC-4260-A329-B4137AFBEB6B (string)

versionEndExcluding : 9.0.1 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:hcltech:domino:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4CB117EF-6AE5-4323-9ACF-01DE2C92182D (string)

versionEndExcluding : 10.0.1 (string)

versionStartIncluding : 10.0.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:hcltech:domino:9.0.1:-:*:*:*:*:*:* (string)

matchCriteriaId : 4E0BF886-B732-4210-82AA-4D2B3F77132B (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_3:*:*:*:*:*:* (string)

matchCriteriaId : 2D00AC8D-4E35-49F4-B0EE-C03E1EE67B8E (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_4:*:*:*:*:*:* (string)

matchCriteriaId : 0FBD1792-01BA-402A-859E-531F7614C9A2 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_10_interim_fix_5:*:*:*:*:*:* (string)

matchCriteriaId : DB652BE0-5767-4D42-A618-1315243A5C52 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8:*:*:*:*:*:* (string)

matchCriteriaId : F3D799A2-AC87-43E8-A6A2-E76E1535A7C4 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_1:*:*:*:*:*:* (string)

matchCriteriaId : 9C9A93C4-70E8-472D-A038-14F72780E02F (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_2:*:*:*:*:*:* (string)

matchCriteriaId : 442C02A0-0232-488A-8A66-62386FFBC807 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:hcltech:domino:9.0.1:feature_pack_8_interim_fix_3:*:*:*:*:*:* (string)

matchCriteriaId : A349B3BD-CB3D-4290-BE9E-8FFA68C3512B (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected. (string)

}

1 : { »

lang : es (string)

value : HCL Domino es susceptible a una vulnerabilidad de Denegación de Servicio debido a una comprobación inapropiada de la entrada suministrada por el usuario, dándole potencialmente al atacante la capacidad de bloquear el servidor. Versiones anteriores a versión 9.0.1 FP10 IF6 y versión 10.0.1 están afectadas (string)

}

]

id : CVE-2020-14234 (string)

lastModified : 2024-11-21T05:02:54.227 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-11-21T18:15:11.680 (string)

references : [ »

0 : { »

source : psirt@hcl.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085302 (string)

}

]

sourceIdentifier : psirt@hcl.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-20 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object