HCL Domino Vulnerability Let Attackers obtain Sensitive information

A critical security vulnerability has been discovered in HCL Domino, a popular enterprise server software, that could potentially expose sensitive configuration information to remote unauthenticated attackers.

This vulnerability, CVE-2024-23562, has raised concerns among cybersecurity experts and enterprises relying on HCL Domino for their operations.

CVE-2024-23562 – Vulnerability Details

CVE-2024-23562 vulnerability allows a remote, unauthenticated attacker to exploit the system and access sensitive configuration information.

- Advertisement -

This information could then be used to launch further attacks against the affected system, potentially compromising the security and integrity of the enterprise’s data.

Join our free webinar to learn about combating slow DDoS attacks, a major threat today.

• CVE-ID: CVE-2024-23562
• Description: A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information.
• CVSS Base Score: 5.3 (Medium)
• CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products and Versions

The vulnerability impacts multiple releases of HCL Domino, specifically versions 11, 12, and 14.

It is also suspected that earlier releases may be affected, although this has not been conclusively confirmed.

As of now, a fix for this vulnerability is not available.

HCL has acknowledged the issue and is tracking it under SPR# EPORD2AKDF.

In the meantime, users are advised to implement the recommended workarounds and mitigations to protect their systems.

Workarounds and Mitigations

To mitigate the risk posed by this vulnerability, it is recommended that anonymous access to the Domino server be denied over internet protocols.

The following steps can be taken to achieve this:

1. Access Internet Site Document Settings: Navigate to the location of Internet site document settings.
2. Deny Anonymous Access: Set the “Anonymous” fields under “TCP Authentication” and “TLS Authentication” to “No”.

These instructions apply to HCL Domino releases 9 and above.

For further guidance on securing your HCL Domino server, the following resources are available:

• Server Access for Notes® Users, Internet Users, and Domino® Servers
• Protecting Files on a Server from Web Client Access
• Validation and Authentication for Internet and Intranet Clients
• Creating Public Access Pages, Forms, Subforms, Outlines, Views, Agents, and Style Sheets

The discovery of CVE-2024-23562 highlights the importance of continuous vigilance and proactive security measures in enterprise environments.

Organizations using HCL Domino are urged to implement the recommended mitigations promptly and stay updated on any further developments from HCL regarding a permanent fix.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo