CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28015

The HCL Domino AppDev Pack IAM service is susceptible to a User Account Enumeration vulnerability. During a failed login attempt a difference in messages could allow an attacker to determine if the user is valid or not. The attacker could use this information to focus a brute force attack on valid users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.7%

CVSS Severity

CVSS v3 Score 5.3

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105093
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105093

Products affected by CVE-2023-28015

Hcl » Domino Appdev Pack » Version: N/A

cpe:2.3:a:hcl:domino_appdev_pack:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28015

Products

Pricing

Contact Us