Information Disclosure Vulnerability in HCL Domino: Unauthorized Access to User Attributes

Information Disclosure Vulnerability in HCL Domino: Unauthorized Access to User Attributes

CVE-2022-38654 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

HCL Domino is susceptible to an information disclosure vulnerability. In some scenarios, local calls made on the server to search the Domino directory will ignore xACL read restrictions. An authenticated attacker could leverage this vulnerability to access attributes from a user's person record.

Learn more about our Cis Benchmark Audit For Apple Ios.