{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T15:44:53.413","vulnerabilities":[{"cve":{"id":"CVE-2023-37495","sourceIdentifier":"psirt@hcl.com","published":"2024-02-29T01:40:04.220","lastModified":"2025-05-08T16:56:18.013","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Internet passwords stored in Person documents in the Domino® Directory created using the \"Add Person\" action on the People & Groups tab in the Domino® Administrator are secured using a cryptographically weak hash algorithm.  This could enable attackers with access to the hashed value to determine a user's password, e.g. using a brute force attack.  This issue does not impact Person documents created through  user registration https://help.hcltechsw.com/domino/10.0.1/admin/conf_userregistration_c.html . \n"},{"lang":"es","value":"Las contraseñas de Internet almacenadas en documentos personales en el directorio de Domino® creado mediante la acción \"Agregar persona\" en la pestaña Personas y grupos del Administrador de Domino® están protegidas mediante un algoritmo hash criptográficamente débil. Esto podría permitir a los atacantes con acceso al valor hash determinar la contraseña de un usuario, por ejemplo, mediante un ataque de fuerza bruta. Este problema no afecta los documentos personales creados mediante el registro de usuario https://help.hcltechsw.com/domino/10.0.1/admin/conf_userregistration_c.html."}],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:domino:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0","versionEndExcluding":"14.0","matchCriteriaId":"A56E68A6-976F-412D-AA65-7940FB574149"}]}]}],"references":[{"url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107585","source":"psirt@hcl.com","tags":["Vendor Advisory"]},{"url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107585","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}