What is the vulnerability ID for this HCL iNotes vulnerability?

The vulnerability ID for this HCL iNotes vulnerability is CVE-2020-4126.

What is the severity of CVE-2020-4126?

The severity of CVE-2020-4126 is medium with a severity value of 5.9.

How does CVE-2020-4126 affect HCL iNotes?

CVE-2020-4126 affects HCL iNotes by making it susceptible to a sensitive cookie exposure vulnerability.

How can an attacker exploit CVE-2020-4126?

An attacker can exploit CVE-2020-4126 by capturing the cookie by intercepting its transmission within an HTTP session.

How can I fix CVE-2020-4126?

You can fix CVE-2020-4126 by updating to HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 or later.

Vulnerability/
CVE-2020-4126

medium

5.9

CWE

311

30/11/2020

4/8/2024

CVE-2020-4126

First published: Mon Nov 30 2020(Updated: )

HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later.

Credit: psirt@hcl.com

Affected Software	Affected Version	How to fix
Hcltech Hcl Inotes	>=9.0<10.0.1
Hcltech Hcl Inotes	>=11.0.0<11.0.1
Hcltech Hcl Inotes	=10.0.1
Hcltech Hcl Inotes	=10.0.1-fixpack1
Hcltech Hcl Inotes	=10.0.1-fixpack2
Hcltech Hcl Inotes	=10.0.1-fixpack3
Hcltech Hcl Inotes	=10.0.1-fixpack4
Hcltech Hcl Inotes	=10.0.1-fixpack5
Hcltech Hcl Inotes	=11.0.1
Hcltech Hcl Inotes	=11.0.1-fixpack1

Never miss a vulnerability like this again

Reference Links

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085411

Frequently Asked Questions

What is the vulnerability ID for this HCL iNotes vulnerability?
The vulnerability ID for this HCL iNotes vulnerability is CVE-2020-4126.
What is the severity of CVE-2020-4126?
The severity of CVE-2020-4126 is medium with a severity value of 5.9.
How does CVE-2020-4126 affect HCL iNotes?
CVE-2020-4126 affects HCL iNotes by making it susceptible to a sensitive cookie exposure vulnerability.
How can an attacker exploit CVE-2020-4126?
An attacker can exploit CVE-2020-4126 by capturing the cookie by intercepting its transmission within an HTTP session.
How can I fix CVE-2020-4126?
You can fix CVE-2020-4126 by updating to HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 or later.

collector/nvd-index
agent/weakness
agent/references
agent/author
agent/severity
agent/description
agent/type
agent/event
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/hcltech
canonical/hcltech hcl inotes
version/hcltech hcl inotes/9.0
version/hcltech hcl inotes/11.0.0
version/hcltech hcl inotes/10.0.1
version/hcltech hcl inotes/10.0.1-fixpack1
version/hcltech hcl inotes/10.0.1-fixpack2
version/hcltech hcl inotes/10.0.1-fixpack3
version/hcltech hcl inotes/10.0.1-fixpack4
version/hcltech hcl inotes/10.0.1-fixpack5
version/hcltech hcl inotes/11.0.1
version/hcltech hcl inotes/11.0.1-fixpack1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.