CVE-2020-14270

MEDIUM

Hcltech Domino < 10.0.0 - Improper Exception Handling

Title source: rule

Description

HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. An unauthenticated attacker could exploit this vulnerability to obtain information about the XPages software running on the Domino server.

References (1)

[Patch, Vendor Advisory] https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085881

Scores

CVSS v3 5.3

EPSS 0.0032

EPSS Percentile 54.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-755

Status published

Affected Products (8)

hcltech/domino < 10.0.0

hcltech/domino

Timeline

Published Dec 22, 2020

Tracked Since Feb 18, 2026