CVE-2023-37524
HighCVSS 7.7Exploitation Probability (EPSS)
Low risk1th percentile — higher than 1% of all known CVEs
Summary
HCL Traveler for Microsoft Outlook (HTMO) is vulnerable due to the use of deprecated .NET Framework 4.5, which no longer receives security updates. This may expose the application to publicly known security weaknesses through vulnerable third-party components.
Risk Assessment
The organization is at risk of exploitation of known security vulnerabilities in .NET Framework 4.5, potentially allowing attackers to execute remote code or escalate privileges within the HTMO environment.
Recommendation
Immediately upgrade .NET Framework to a supported version (e.g., 4.8 or later) and apply the latest security patches for HCL Traveler.
Original NVD description (English source)
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.

