CVE Catalog

CVE-2023-37524

HighCVSS 7.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

1th percentile — higher than 1% of all known CVEs

Summary

HCL Traveler for Microsoft Outlook (HTMO) is vulnerable due to the use of deprecated .NET Framework 4.5, which no longer receives security updates. This may expose the application to publicly known security weaknesses through vulnerable third-party components.

Risk Assessment

The organization is at risk of exploitation of known security vulnerabilities in .NET Framework 4.5, potentially allowing attackers to execute remote code or escalate privileges within the HTMO environment.

Recommendation

Immediately upgrade .NET Framework to a supported version (e.g., 4.8 or later) and apply the latest security patches for HCL Traveler.

Original NVD description (English source)

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service.  Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS