CVE-2020-14273

7.5 HIGH

📋 TL;DR

HCL Domino has a Denial of Service vulnerability in its public API due to improper input validation. Unauthenticated attackers can send specially crafted requests to crash the Domino server, affecting all systems running vulnerable versions of HCL Domino.

💻 Affected Systems

Products:
  • HCL Domino
Versions: prior to 11.0.1 FP5 and 12.0.0
Operating Systems: Windows, Linux, AIX, IBM i
Default Config Vulnerable: ⚠️ Yes
Notes: All standard installations with public API enabled are vulnerable. The vulnerability affects the Domino HTTP task.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server crash leading to sustained service unavailability for all Domino services and applications.

🟠 Likely Case

Temporary service disruption requiring server restart, potentially causing data loss or corruption in active transactions.

🟢 If Mitigated

Minimal impact with proper network segmentation and API access controls limiting exposure.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP request manipulation required. No authentication needed to trigger the vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 11.0.1 FP5 or 12.0.0

Vendor Advisory: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085947

Restart Required: Yes

Instructions:

1. Download the appropriate fix pack from HCL Support.
2. Apply the fix pack following HCL Domino upgrade procedures.
3. Restart the Domino server to activate the patch.

🔧 Temporary Workarounds

Restrict API Access

all

Limit access to Domino public API endpoints using firewall rules or network segmentation.

Disable HTTP Task

all

Temporarily disable the Domino HTTP task if not required for essential services.

Tell HTTP quit

🧯 If You Can't Patch

  • Implement strict network ACLs to limit access to Domino API endpoints to trusted sources only.
  • Deploy a web application firewall (WAF) with rules to detect and block malformed API requests.

🔍 How to Verify

Check if Vulnerable:

Check Domino version using 'show server' command and compare against vulnerable versions (pre-11.0.1 FP5 or pre-12.0.0).

Check Version:

show server

Verify Fix Applied:

Verify Domino version is 11.0.1 FP5 or higher, or 12.0.0 or higher after patching.
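
The version comparison described above can be scripted across a server inventory. This is an added example, not HCL's tooling or code from the advisory; the release-string shape ("Release 11.0.1FP4") and the sample banner lines are assumptions constructed for illustration, and the function names are hypothetical.

```python
import re

# Fixed builds named on this page: 11.0.1 FP5 and 12.0.0.
# Anything that sorts below 11.0.1 FP5 is treated as vulnerable.
FIXED_11 = (11, 0, 1, 5)

# Assumed release-string shape, e.g. "Release 11.0.1FP4" or "Release 12.0".
_RELEASE = re.compile(
    r"Release\s+(\d+)\.(\d+)(?:\.(\d+))?\s*(?:FP\s*(\d+))?", re.IGNORECASE
)


def parse_release(text):
    """Return (major, minor, patch, fixpack) found in console text, or None."""
    match = _RELEASE.search(text)
    if match is None:
        return None
    # Missing patch level or fix pack counts as 0.
    return tuple(int(g) if g else 0 for g in match.groups())


def is_vulnerable(text):
    """True below 11.0.1 FP5, False at or above it (12.0.0 included),
    None when no release string is present and a manual check is needed."""
    release = parse_release(text)
    if release is None:
        return None
    return release < FIXED_11


# Constructed sample lines standing in for saved 'show server' output.
SAMPLES = {
    "mail01": "HCL Domino (r) Server (Release 11.0.1FP4 for Windows/64)",
    "mail02": "HCL Domino (r) Server (Release 11.0.1FP5 for Linux/64)",
    "app01": "HCL Domino (r) Server (Release 12.0 for Linux/64)",
    "old01": "HCL Domino (r) Server (Release 10.0.1FP6 for AIX/64)",
    "broken": "Server name: broken/Example",
}

if __name__ == "__main__":
    for host, banner in SAMPLES.items():
        verdict = is_vulnerable(banner)
        label = {True: "VULNERABLE", False: "fixed", None: "unknown"}[verdict]
        print(f"{host}: {label}")
```

A result of None means the release string was not found, so that server should be checked by hand rather than assumed patched.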

📡 Detection & Monitoring

Log Indicators:

  • Unexpected server crashes
  • HTTP task termination errors
  • Abnormal API request patterns

Network Indicators:

  • Multiple malformed HTTP requests to Domino API endpoints from a single source
  • Spike in HTTP error responses

SIEM Query:

source="domino.log" AND ("crash" OR "abnormal termination" OR "HTTP task")
