CVE-2024-30132 LOW

CVE-2024-30132: Missing default HTTP security headers affect HCL Nomad server on Domino

Vendor Hcl Software
Product Nomad server on Domino
Published October 1, 2024
Last update October 29, 2024

CVSS base score

3.7/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

HCL Nomad server on Domino did not configure certain HTTP Security headers by default which could allow an attacker to obtain sensitive information via unspecified vectors.

Key dates

02Disclosure timeline

October 1, 2024 CVE published
October 29, 2024 Record updated