CVE-2020-4089
First published: Fri Jun 26 2020(Updated: )
HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network filesystems being leaked to a third party. All versions of HCL Notes 9, 10 and 11 are affected.
Credit: psirt@hcl.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hcltech Notes | =9.0 | |
| Hcltech Notes | =10.0 | |
| Hcltech Notes | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-4089?
CVE-2020-4089 is an information leakage vulnerability in HCL Notes, which could result in files being leaked to a third party.
How does CVE-2020-4089 affect HCL Notes?
CVE-2020-4089 affects all versions of HCL Notes 9, 10, and 11.
What is the severity of CVE-2020-4089?
CVE-2020-4089 has a severity rating of 6.5, which is considered medium.
How can I fix CVE-2020-4089 in HCL Notes?
To fix CVE-2020-4089, it is recommended to apply the latest security patches and updates provided by HCL Technologies.
Where can I find more information about CVE-2020-4089?
You can find more information about CVE-2020-4089 on the HCL Technologies support website at https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080343
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/hcltech
- canonical/hcltech notes
- version/hcltech notes/9.0
- version/hcltech notes/10.0
- version/hcltech notes/11.0