PT-2020-17881 · Hcl · Hcl Notes

Eric Portner

Published

2020-11-30

Updated

2021-07-21

CVE-2020-4126

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions HCL iNotes versions prior to 10.0.1 FP6 HCL iNotes versions prior to 11.0.1 FP2

Description HCL iNotes is susceptible to a sensitive cookie exposure issue. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session.

Recommendations For versions prior to 10.0.1 FP6, update to version 10.0.1 FP6 or later. For versions prior to 11.0.1 FP2, update to version 11.0.1 FP2 or later.

Fix

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-311

Related Identifiers

CVE-2020-4126

Affected Products

Hcl Notes

PT-2020-17881 · Hcl · Hcl Notes

CVE-2020-4126

Weakness Enumeration

Related Identifiers

Affected Products

References · 4