CVE-2024-30128

HIGH

HCL Nomad - SSRF

Title source: llm

Description

HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information.

References (1)

[Vendor Advisory] https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115504

Scores

CVSS v3 8.6

EPSS 0.0041

EPSS Percentile 61.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-441

Status published

Products (1)

hcltech/nomad_server_on_domino < 1.0.13

Published Sep 25, 2024

Tracked Since Feb 18, 2026