{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-44753", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "state": "PUBLISHED", "assignerShortName": "HCL", "requesterUserId": "c5fdcef9-195e-4b4c-a893-a114640ac0a4", "dateReserved": "2022-11-04T21:08:23.515Z", "datePublished": "2022-12-17T01:52:52.495Z", "dateUpdated": "2023-01-05T05:58:57.684130Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Notes", "vendor": "HCL Software", "versions": [{"status": "affected", "version": "9, 10"}]}], "datePublic": "2022-12-16T23:41:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. &nbsp;This vulnerability applies to software previously licensed by IBM.</span><br>"}], "value": "HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. \u00a0This vulnerability applies to software previously licensed by IBM.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2023-01-05T05:58:57.684130Z"}, "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100260"}], "source": {"discovery": "UNKNOWN"}, "title": "HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}]}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:-:*:*:*:*:*:*", "matchCriteriaId": "978E309F-453B-4D9D-8D15-5A6919E8D178", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10:*:*:*:*:*:*", "matchCriteriaId": "2C984E7E-ADF7-4F52-9CE1-A6F1E05A4140", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if1:*:*:*:*:*:*", "matchCriteriaId": "DAD49650-9091-4706-9CAF-51BABDFB94CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if10:*:*:*:*:*:*", "matchCriteriaId": "4315DC11-745E-4518-9F7E-5D09FB360DE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if2:*:*:*:*:*:*", "matchCriteriaId": "6CE02BCC-5280-4065-8CD9-0BC2A2821335", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if3:*:*:*:*:*:*", "matchCriteriaId": "CF1C4C44-7B5E-4405-9F49-B85957E88760", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if4:*:*:*:*:*:*", "matchCriteriaId": "8CAA8D2D-7A27-49B5-87D2-740E6EB286A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if5:*:*:*:*:*:*", "matchCriteriaId": "A5778563-769B-40A2-8830-E64A5F18CE3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if6:*:*:*:*:*:*", "matchCriteriaId": "6B69E327-0C81-4233-9791-DD50F66E9293", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if7:*:*:*:*:*:*", "matchCriteriaId": "331AD3B5-8D54-469A-873C-73AF93BC35DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp10if8:*:*:*:*:*:*", "matchCriteriaId": "E492968F-C1CC-4383-8393-EDB0DDA174C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp1if1:*:*:*:*:*:*", "matchCriteriaId": "2C8AF686-0BD4-4961-B924-481E328F67B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp1if2:*:*:*:*:*:*", "matchCriteriaId": "E035716B-05DD-4948-BD13-77F9CDA135E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp2if1:*:*:*:*:*:*", "matchCriteriaId": "35A89BAC-438D-4A9E-8FCD-B0D4CD03ED23", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp2if2:*:*:*:*:*:*", "matchCriteriaId": "98498BC3-0A35-446A-8BDC-562EF02E037E", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp2if3:*:*:*:*:*:*", "matchCriteriaId": "D78AA096-1E76-4B24-B17D-9796E49B0D0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp2if4:*:*:*:*:*:*", "matchCriteriaId": "BB478F5B-E6C1-48B2-A0AB-25790E26272A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp3if1:*:*:*:*:*:*", "matchCriteriaId": "8041656D-55C6-4932-AA1F-77D9B1A22C80", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp3if2:*:*:*:*:*:*", "matchCriteriaId": "2266AD0F-D804-4BFC-B8E9-050F6AE6C9AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp3if3:*:*:*:*:*:*", "matchCriteriaId": "750709DB-28CC-49B2-98E4-0C4167705487", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp3if4:*:*:*:*:*:*", "matchCriteriaId": "96AD0DB0-75C7-4B2C-845C-AC7DE89A8F1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp4if1:*:*:*:*:*:*", "matchCriteriaId": "2815AB94-D387-4057-AAE9-39336CC4D871", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp4if2:*:*:*:*:*:*", "matchCriteriaId": "D19D5B99-E0BA-4E22-BA16-762114EFC89B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp5if1:*:*:*:*:*:*", "matchCriteriaId": "676D3DC9-FAE5-4E46-857B-B3AC5DCD70F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp5if2:*:*:*:*:*:*", "matchCriteriaId": "3BA224FC-B056-45F2-BF74-8B39F44FE522", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp5if3:*:*:*:*:*:*", "matchCriteriaId": "D3F6F4DA-EC68-42C2-93A1-99DBAC00F63B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp7if1:*:*:*:*:*:*", "matchCriteriaId": "3CB80E9D-E53D-4461-A71B-61A1615E9422", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp7if2:*:*:*:*:*:*", "matchCriteriaId": "1C65A591-435C-40D0-8512-AE3304AA948B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp8if1:*:*:*:*:*:*", "matchCriteriaId": "3B3F9411-8D5B-43E5-9DA9-E0C615ED7557", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp9if1:*:*:*:*:*:*", "matchCriteriaId": "76E45481-36F9-4522-91A4-4D3FD9F6AB6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:9.0.1:fp9if2:*:*:*:*:*:*", "matchCriteriaId": "A177BC67-EBE8-4487-BC45-D42ED6AFA3B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:10.0.1:-:*:*:*:*:*:*", "matchCriteriaId": "847B0ACB-6B84-4D45-B30F-A930A226E14D", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:10.0.1:fp1:*:*:*:*:*:*", "matchCriteriaId": "E36EE406-5355-422B-B1AE-6349DCDBF872", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:10.0.1:fp2:*:*:*:*:*:*", "matchCriteriaId": "CFA1279C-D6E4-47D4-9D40-F39EC9C31E12", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:10.0.1:fp3:*:*:*:*:*:*", "matchCriteriaId": "4F0771C5-5F44-4563-BEFF-0DCEABE5452A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:10.0.1:fp4:*:*:*:*:*:*", "matchCriteriaId": "980BB9E6-810B-4288-8667-0291BFFDCB9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:10.0.1:fp5:*:*:*:*:*:*", "matchCriteriaId": "8BECE3D7-F8C4-4065-8CCC-E9CF70CD6943", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:10.0.1:fp6:*:*:*:*:*:*", "matchCriteriaId": "96B957B0-AF4B-4E9E-8DB7-7B938C115B13", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:notes:10.0.1:fp7:*:*:*:*:*:*", "matchCriteriaId": "55AF7599-1EBB-472C-8F2E-C006269EFDAD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. \u00a0This vulnerability applies to software previously licensed by IBM.\n"}, {"lang": "es", "value": "HCL Notes es susceptible a una vulnerabilidad de desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en wp6sr.dll en Micro Focus KeyView. Esto podr\u00eda permitir que un atacante remoto no autenticado bloquee la aplicaci\u00f3n o ejecute c\u00f3digo arbitrario a trav\u00e9s de un archivo WordPerfect manipulado. Esta vulnerabilidad se aplica al software con licencia previa de IBM."}], "id": "CVE-2022-44753", "lastModified": "2023-11-07T03:54:27.527", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "psirt@hcl.com", "type": "Secondary"}]}, "published": "2022-12-19T11:15:11.007", "references": [{"source": "psirt@hcl.com", "tags": ["Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100260"}], "sourceIdentifier": "psirt@hcl.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}