heise PlusAbo
Anzeige

HCL Domino add-on Leap secured against possible attacks

The HCL Domingo application development system can be attacked via vulnerabilities in the Leap add-on.

listen Print view

(Image: Alfa Photo/Shutterstock.com)

1 min. read
Security
By

Admins who manage application development systems with HCL Domingo should update the Leap (formerly Volt) add-on for security reasons. Without up-to-date security patches, systems are vulnerable.

Malicious code scripts

According to a support article, attackers can exploit a total of nine software vulnerabilities. Even though the majority of vulnerabilities are classified as “medium”, admins should not wait too long to patch them. After all, applications created on compromised systems represent a security risk.

Videos by heise

The most dangerous vulnerability (CVE-2023-37535 “high”) allows attackers to introduce their scripts into the workflow. Attackers can also illegally access data that is actually protected (CVE-2023-37517 “low”).

The developers assure that they have closed the gaps in issues 1.1.1, 1.1.2, 1.1.3, 1.1.4 and 1.1.5.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten