CVE-2020-14270
MEDIUMHCL Domino 9.0.0-10.0.0 - Unauthenticated Information Disclosure via XPages Error Handling
Title source: llmDescription
HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. An unauthenticated attacker could exploit this vulnerability to obtain information about the XPages software running on the Domino server.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085881
Scores
CVSS v3
5.3
EPSS
0.0032
EPSS Percentile
55.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-755
Status
published
Products (4)
hcltech/domino
10.0.1 (5 CPE variants)
hcltech/domino
11.0.0
hcltech/domino
11.0.1
hcltech/domino
9.0.0 - 10.0.0
Published
Dec 22, 2020
Tracked Since
Feb 18, 2026