Login Sign Up

CVE-2024-23588

5.3 MEDIUM
Denial of Service

📋 TL;DR

HCL Nomad server on Domino fails to properly handle users with limited Domino access, potentially allowing denial of service attacks. This affects organizations running vulnerable versions of HCL Nomad server on Domino platforms. Attackers could disrupt service availability by exploiting improper access control handling.

💻 Affected Systems

Products:
  • HCL Nomad server on Domino
Versions: Specific versions not detailed in provided references; check HCL advisory for exact affected versions
Operating Systems: Platforms running HCL Domino with Nomad server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects configurations where users have limited Domino access rights; exact conditions require review of HCL documentation

📦 What is this software?

Nomad Server On Domino by Hcltech

View all CVEs affecting Nomad Server On Domino →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete service disruption of HCL Nomad server, preventing legitimate users from accessing Domino applications and services through Nomad.

🟠

Likely Case

Intermittent service degradation or temporary unavailability affecting users with limited access permissions.

🟢

If Mitigated

Minimal impact with proper access controls, monitoring, and network segmentation in place.

🌐 Internet-Facing: MEDIUM - If Nomad server is exposed to internet, attackers could potentially trigger DoS conditions remotely.
🏢 Internal Only: MEDIUM - Internal attackers or compromised accounts could exploit this to disrupt business operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires understanding of Domino access control mechanisms and ability to interact with Nomad server; likely requires some level of access to trigger

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check HCL advisory KB0114193 for specific fixed versions

Vendor Advisory: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193

Restart Required: Yes

Instructions:

1. Review HCL advisory KB0114193 for affected versions. 2. Download and apply the appropriate patch from HCL support. 3. Restart Nomad server services. 4. Verify the fix by testing with users having limited access.

🔧 Temporary Workarounds

Restrict Access to Nomad Server

all

Limit network access to Nomad server to only trusted users and systems

Review User Access Controls

all

Audit and tighten Domino access controls for users interacting with Nomad server

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Nomad server from untrusted networks
  • Enhance monitoring for unusual access patterns or service disruptions related to Nomad

🔍 How to Verify

Check if Vulnerable:

Check HCL advisory KB0114193 to determine if your Nomad server version is affected

Check Version:

Check Domino and Nomad server version through Domino console or administration tools

Verify Fix Applied:

After patching, test with users having limited Domino access to ensure proper handling

📡 Detection & Monitoring

Log Indicators:

  • Unusual access attempts from limited-access users
  • Nomad server service disruptions or crashes
  • Increased error rates in Domino access logs

Network Indicators:

  • Abnormal traffic patterns to Nomad server port
  • Multiple failed connection attempts followed by service degradation

SIEM Query:

source="domino_logs" AND (error OR crash OR "access denied") AND process="nomad"

📊 Metadata

CVE ID: CVE-2024-23588
CVSS v3 Score: 5.3 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Published: July 5, 2024
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON