HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. An unauthenticated attacker could exploit this vulnerability to obtain information about the XPages software running on the Domino server.
Weakness
The product does not handle or incorrectly handles an exceptional condition.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Domino | Hcltech | 9.0.0 (including) | 10.0.0 (including) |
| Domino | Hcltech | 10.0.1 (including) | 10.0.1 (including) |
| Domino | Hcltech | 10.0.1-fix_pack_1 (including) | 10.0.1-fix_pack_1 (including) |
| Domino | Hcltech | 10.0.1-fix_pack_2 (including) | 10.0.1-fix_pack_2 (including) |
| Domino | Hcltech | 10.0.1-fix_pack_3 (including) | 10.0.1-fix_pack_3 (including) |
| Domino | Hcltech | 10.0.1-fix_pack_4 (including) | 10.0.1-fix_pack_4 (including) |
| Domino | Hcltech | 11.0.0 (including) | 11.0.0 (including) |
| Domino | Hcltech | 11.0.1 (including) | 11.0.1 (including) |
References
- https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0085881
- https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0085881