cvelist/2024/30xxx/CVE-2024-30128.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-30128",
        "ASSIGNER": "psirt@hcl.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address.  This may enable an attacker to trick the user into exposing sensitive information."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "HCL Software",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Nomad server on Domino",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "<1.0.13"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115504",
                "refsource": "MISC",
                "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115504"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.2.0"
    },
    "source": {
        "discovery": "UNKNOWN"
    },
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
            }
        ]
    }
}
"-Synchronized-Data." 2024-04-02 14:14:24 +00:00			`{`
"-Synchronized-Data." 2024-09-26 18:06:15 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2024-04-02 14:14:24 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2024-30128",`
"-Synchronized-Data." 2024-09-26 18:06:15 +00:00			`"ASSIGNER": "psirt@hcl.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2024-04-02 14:14:24 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-09-26 18:06:15 +00:00			`"value": "HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "HCL Software",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Nomad server on Domino",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "<1.0.13"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115504",`
			`"refsource": "MISC",`
			`"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115504"`
			`}`
			`]`
			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.2.0"`
			`},`
			`"source": {`
			`"discovery": "UNKNOWN"`
			`},`
			`"impact": {`
			`"cvss": [`
			`{`
			`"attackComplexity": "LOW",`
			`"attackVector": "NETWORK",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 8.6,`
			`"baseSeverity": "HIGH",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
			`"privilegesRequired": "NONE",`
			`"scope": "CHANGED",`
			`"userInteraction": "NONE",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",`
			`"version": "3.1"`
"-Synchronized-Data." 2024-04-02 14:14:24 +00:00			`}`
			`]`
			`}`
			`}`