CVE-2020-4107

{"id": "CVE-2020-4107", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.0}]}, "published": "2022-05-19T22:15:07.943", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0090221", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "HCL Domino is affected by an Insufficient Access Control vulnerability. An authenticated attacker with local access to the system could exploit this vulnerability to attain escalation of privileges, denial of service, or information disclosure."}, {"lang": "es", "value": "HCL Domino est\u00e1 afectado por una vulnerabilidad de Control de Acceso Insuficiente. Un atacante autenticado con acceso local al sistema podr\u00eda explotar esta vulnerabilidad para conseguir una escalada de privilegios, una denegaci\u00f3n de servicio o una divulgaci\u00f3n de informaci\u00f3n"}], "lastModified": "2022-09-20T19:20:05.127", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:domino:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F1C7C9C-2F6E-4A82-BC16-B04E53B11E20"}, {"criteria": "cpe:2.3:a:hcltech:domino:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "908469B9-3B65-400D-A043-6B907B6151EE"}, {"criteria": "cpe:2.3:a:hcltech:domino:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F7B561B-79F9-45E1-901F-B0976DD7C9AE"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}