CVE-2024-30146

4.1 MEDIUM

📋 TL;DR

This vulnerability allows certain administrative users in HCL Domino Leap to import applications from the server's filesystem due to improper access control. It affects HCL Domino Leap installations where administrative users have access to vulnerable endpoints. The impact is limited to authorized admin users but could lead to unauthorized application deployment.

💻 Affected Systems

Products:
  • HCL Domino Leap
Versions: prior to 1.0.18
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations with administrative users who have access to the vulnerable endpoint

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated admin user could import malicious applications from the server filesystem, potentially leading to code execution, data exposure, or server compromise.

🟠

Likely Case

Authorized admin users could inadvertently or intentionally import applications they shouldn't have access to, leading to unauthorized application deployment or configuration changes.

🟢

If Mitigated

With proper access controls and monitoring, impact is limited to authorized administrative actions within expected boundaries.

🌐 Internet-Facing: LOW - Requires authenticated admin access, typically not exposed to internet
🏢 Internal Only: MEDIUM - Internal admin users could exploit this, but requires administrative privileges

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated administrative access to the Domino Leap interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.18

Vendor Advisory: https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120722

Restart Required: Yes

Instructions:

1. Download HCL Domino Leap 1.0.18 from the HCL support portal.
2. Back up the current installation.
3. Apply the update following HCL's upgrade documentation.
4. Restart the Domino Leap service.

🔧 Temporary Workarounds

Restrict administrative access
Applies to: all
Limit administrative access to only trusted users who require application import capabilities

Monitor application import activity
Applies to: all
Implement logging and monitoring for application import operations

🧯 If You Can't Patch

  • Implement strict access controls and review administrative user permissions
  • Enable detailed logging of all application import operations and monitor for suspicious activity

🔍 How to Verify

Check if Vulnerable:

Check Domino Leap version via administrative interface or configuration files. Versions below 1.0.18 are vulnerable.

Check Version:

Check version in Domino Leap administrative console or review installation directory version files

Verify Fix Applied:

Verify version is 1.0.18 or higher in administrative interface or configuration

📡 Detection & Monitoring

Log Indicators:

  • Unusual application import activity
  • Multiple import attempts from same admin user
  • Imports from unexpected file system locations

Network Indicators:

  • HTTP POST requests to application import endpoints from admin users

SIEM Query:

source="domino_leap" AND (event="application_import" OR endpoint="/api/import")
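The log indicators above (repeated imports by one admin account, imports sourced from outside the expected staging directory) can be checked offline against exported log lines. The following is an added example, not part of this advisory or of HCL's product; the key=value line layout, the `/opt/leap/imports` staging directory and the sample events are all constructed assumptions, so adapt the regex and allowed directories to your real Domino Leap logs.

```python
import posixpath
import re
from collections import Counter

# Constructed sample events. The key=value layout is an assumption made for
# this example; it is not HCL's real Domino Leap log format.
SAMPLE_LOGS = [
    "2024-05-01T10:00:01Z user=alice event=application_import path=/opt/leap/imports/hr_app.zip",
    "2024-05-01T10:02:14Z user=alice event=login",
    "2024-05-01T10:05:30Z user=bob event=application_import path=/opt/leap/imports/../../etc/leap.conf",
    "2024-05-01T10:06:02Z user=bob event=application_import path=/tmp/staged.zip",
    "2024-05-01T10:06:40Z user=bob event=application_import path=/opt/leap/imports/crm.zip",
    "2024-05-01T10:07:11Z user=bob event=application_import path=/opt/leap/imports/crm_v2.zip",
]

# Assumption: the only directory application imports are expected to come from.
ALLOWED_IMPORT_DIRS = ("/opt/leap/imports",)

EVENT_RE = re.compile(r"user=(?P<user>\S+)\s+event=(?P<event>\S+)(?:\s+path=(?P<path>\S+))?")


def parse_imports(lines):
    """Return (user, path) for every application_import event; other events are skipped."""
    events = []
    for line in lines:
        m = EVENT_RE.search(line)
        if m and m.group("event") == "application_import" and m.group("path"):
            events.append((m.group("user"), m.group("path")))
    return events


def path_is_allowed(path, allowed_dirs=ALLOWED_IMPORT_DIRS):
    """Normalise '..' segments first, so a path that starts inside the staging
    directory but climbs out of it is not accepted as legitimate."""
    clean = posixpath.normpath(path)
    # Compare against "<dir>/" so that "/opt/leap/imports_other" does not match.
    return any(clean == d or clean.startswith(d.rstrip("/") + "/") for d in allowed_dirs)


def unexpected_imports(lines, allowed_dirs=ALLOWED_IMPORT_DIRS):
    """Imports whose source lies outside the expected staging directory."""
    return [(u, p) for u, p in parse_imports(lines) if not path_is_allowed(p, allowed_dirs)]


def repeated_importers(lines, threshold=3):
    """Admin accounts with at least `threshold` imports in the window covered by `lines`."""
    counts = Counter(u for u, _ in parse_imports(lines))
    return {u: n for u, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    for user, path in unexpected_imports(SAMPLE_LOGS):
        print(f"ALERT unexpected import source: user={user} path={path}")
    for user, n in repeated_importers(SAMPLE_LOGS).items():
        print(f"ALERT {n} imports by {user} in window")
```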

🔗 References
