Vulnerability Details : CVE-2020-14232
A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. This could allow the attacker to crash the program or inject code into the system which would execute with the privileges of the currently logged in user.
Vulnerability category: Overflow
Products affected by CVE-2020-14232
- cpe:2.3:a:hcltech:notes:9.0.1:-:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0.1:fp10:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0.1:fp10if1:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0.1:fp10if2:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0.1:fp10if3:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0.1:fp10if4:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0.1:fp10if5:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0.1:fp10if6:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0.1:fp10if7:*:*:*:*:*:*
- cpe:2.3:a:hcltech:notes:9.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-14232
0.84%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-14232
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST | |
|
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
References for CVE-2020-14232
-
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085883
%short_descr - Customer SupportVendor Advisory
Jump to