Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for traveler_for_microsoft_outlook by hcltech

    CVE-2024-42192 (GCVE-0-2024-42192)

    Vulnerability from nvd – Published: 2025-10-16 20:24 – Updated: 2025-10-17 13:33
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage
    Summary
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    HCL
    Impacted products
    Date Public
    2025-10-16 20:21
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42192",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-17T13:32:56.405668Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-17T13:33:25.412Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Traveler for Microsoft Outlook",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.14"
                }
              ]
            }
          ],
          "datePublic": "2025-10-16T20:21:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eHCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications.\u003cbr\u003e\u003c/p\u003e\u003cbr\u003e"
                }
              ],
              "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T20:24:53.515Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0124066"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-42192",
        "datePublished": "2025-10-16T20:24:53.515Z",
        "dateReserved": "2024-07-29T21:32:08.371Z",
        "dateUpdated": "2025-10-17T13:33:25.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42191 (GCVE-0-2024-42191)

    Vulnerability from nvd – Published: 2025-05-30 15:54 – Updated: 2025-05-30 16:10
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to COM hijacking
    Summary
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    HCL
    Impacted products
    Date Public
    2025-05-30 15:49
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42191",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-30T16:10:39.589102Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-30T16:10:53.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HCL Traveler for Microsoft Outlook (HTMO)",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 3.0.12"
                }
              ]
            }
          ],
          "datePublic": "2025-05-30T15:49:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content."
                }
              ],
              "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427 Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-30T15:54:23.554Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0120745"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to COM hijacking",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-42191",
        "datePublished": "2025-05-30T15:54:23.554Z",
        "dateReserved": "2024-07-29T21:32:08.371Z",
        "dateUpdated": "2025-05-30T16:10:53.534Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42190 (GCVE-0-2024-42190)

    Vulnerability from nvd – Published: 2025-05-30 15:51 – Updated: 2025-05-30 15:59
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to DLL hijacking
    Summary
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    HCL
    Impacted products
    Date Public
    2025-05-30 15:49
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42190",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-30T15:59:42.617518Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-30T15:59:55.348Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HCL Traveler for Microsoft Outlook (HTMO)",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 3.0.12"
                }
              ]
            }
          ],
          "datePublic": "2025-05-30T15:49:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content."
                }
              ],
              "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427 Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-30T15:51:35.047Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0120744"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to DLL hijacking",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-42190",
        "datePublished": "2025-05-30T15:51:35.047Z",
        "dateReserved": "2024-07-29T21:32:08.371Z",
        "dateUpdated": "2025-05-30T15:59:55.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-30133 (GCVE-0-2024-30133)

    Vulnerability from nvd – Published: 2024-11-12 16:23 – Updated: 2024-11-12 17:20
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability
    Summary
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-670 - Always-Incorrect Control Flow Implementation
    Assigner
    HCL
    Impacted products
    Date Public
    2024-11-12 16:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-30133",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-12T17:20:38.099960Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-670",
                    "description": "CWE-670 Always-Incorrect Control Flow Implementation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T17:20:56.436Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HCL Traveler for Microsoft Outlook (HTMO)",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c3.0.11"
                }
              ]
            }
          ],
          "datePublic": "2024-11-12T16:05:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability.  The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability.  The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-12T16:23:38.833Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0114725"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-30133",
        "datePublished": "2024-11-12T16:23:38.833Z",
        "dateReserved": "2024-03-22T23:57:23.590Z",
        "dateUpdated": "2024-11-12T17:20:56.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-30134 (GCVE-0-2024-30134)

    Vulnerability from nvd – Published: 2024-09-26 14:50 – Updated: 2024-09-26 15:23
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerability
    Summary
    The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially Malicious Software or an Unrecognized Application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    HCL
    Impacted products
    Vendor Product Version
    HCL Software HCL Traveler for Microsoft Outlook Affected: <3.0.9
    Create a notification for this product.
    hcltech traveler Affected: 0 , < 3.0.9 (custom)
        cpe:2.3:a:hcltech:traveler:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-09-26 14:38
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:hcltech:traveler:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "traveler",
                "vendor": "hcltech",
                "versions": [
                  {
                    "lessThan": "3.0.9",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-30134",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-26T15:21:02.536483Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-295",
                    "description": "CWE-295 Improper Certificate Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-26T15:23:46.684Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HCL Traveler for Microsoft Outlook",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c3.0.9"
                }
              ]
            }
          ],
          "datePublic": "2024-09-26T14:38:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially Malicious Software or an Unrecognized Application."
                }
              ],
              "value": "The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially Malicious Software or an Unrecognized Application."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL."
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-26T14:50:36.754Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114723"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-30134",
        "datePublished": "2024-09-26T14:50:36.754Z",
        "dateReserved": "2024-03-22T23:57:23.590Z",
        "dateUpdated": "2024-09-26T15:23:46.684Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42192 (GCVE-0-2024-42192)

    Vulnerability from cvelistv5 – Published: 2025-10-16 20:24 – Updated: 2025-10-17 13:33
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage
    Summary
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    HCL
    Impacted products
    Date Public
    2025-10-16 20:21
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42192",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-17T13:32:56.405668Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-17T13:33:25.412Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Traveler for Microsoft Outlook",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.14"
                }
              ]
            }
          ],
          "datePublic": "2025-10-16T20:21:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eHCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications.\u003cbr\u003e\u003c/p\u003e\u003cbr\u003e"
                }
              ],
              "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-16T20:24:53.515Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0124066"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-42192",
        "datePublished": "2025-10-16T20:24:53.515Z",
        "dateReserved": "2024-07-29T21:32:08.371Z",
        "dateUpdated": "2025-10-17T13:33:25.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42191 (GCVE-0-2024-42191)

    Vulnerability from cvelistv5 – Published: 2025-05-30 15:54 – Updated: 2025-05-30 16:10
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to COM hijacking
    Summary
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    HCL
    Impacted products
    Date Public
    2025-05-30 15:49
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42191",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-30T16:10:39.589102Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-30T16:10:53.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HCL Traveler for Microsoft Outlook (HTMO)",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 3.0.12"
                }
              ]
            }
          ],
          "datePublic": "2025-05-30T15:49:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content."
                }
              ],
              "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427 Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-30T15:54:23.554Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0120745"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to COM hijacking",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-42191",
        "datePublished": "2025-05-30T15:54:23.554Z",
        "dateReserved": "2024-07-29T21:32:08.371Z",
        "dateUpdated": "2025-05-30T16:10:53.534Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42190 (GCVE-0-2024-42190)

    Vulnerability from cvelistv5 – Published: 2025-05-30 15:51 – Updated: 2025-05-30 15:59
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to DLL hijacking
    Summary
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    HCL
    Impacted products
    Date Public
    2025-05-30 15:49
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42190",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-30T15:59:42.617518Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-30T15:59:55.348Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HCL Traveler for Microsoft Outlook (HTMO)",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 3.0.12"
                }
              ]
            }
          ],
          "datePublic": "2025-05-30T15:49:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content."
                }
              ],
              "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427 Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-30T15:51:35.047Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0120744"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to DLL hijacking",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-42190",
        "datePublished": "2025-05-30T15:51:35.047Z",
        "dateReserved": "2024-07-29T21:32:08.371Z",
        "dateUpdated": "2025-05-30T15:59:55.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-30133 (GCVE-0-2024-30133)

    Vulnerability from cvelistv5 – Published: 2024-11-12 16:23 – Updated: 2024-11-12 17:20
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability
    Summary
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-670 - Always-Incorrect Control Flow Implementation
    Assigner
    HCL
    Impacted products
    Date Public
    2024-11-12 16:05
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-30133",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-12T17:20:38.099960Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-670",
                    "description": "CWE-670 Always-Incorrect Control Flow Implementation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T17:20:56.436Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HCL Traveler for Microsoft Outlook (HTMO)",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c3.0.11"
                }
              ]
            }
          ],
          "datePublic": "2024-11-12T16:05:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability.  The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability.  The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-12T16:23:38.833Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0114725"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-30133",
        "datePublished": "2024-11-12T16:23:38.833Z",
        "dateReserved": "2024-03-22T23:57:23.590Z",
        "dateUpdated": "2024-11-12T17:20:56.436Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-30134 (GCVE-0-2024-30134)

    Vulnerability from cvelistv5 – Published: 2024-09-26 14:50 – Updated: 2024-09-26 15:23
    VLAI
    Title
    HCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerability
    Summary
    The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially Malicious Software or an Unrecognized Application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    HCL
    Impacted products
    Vendor Product Version
    HCL Software HCL Traveler for Microsoft Outlook Affected: <3.0.9
    Create a notification for this product.
    hcltech traveler Affected: 0 , < 3.0.9 (custom)
        cpe:2.3:a:hcltech:traveler:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-09-26 14:38
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:hcltech:traveler:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "traveler",
                "vendor": "hcltech",
                "versions": [
                  {
                    "lessThan": "3.0.9",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-30134",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-26T15:21:02.536483Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-295",
                    "description": "CWE-295 Improper Certificate Validation",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-26T15:23:46.684Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HCL Traveler for Microsoft Outlook",
              "vendor": "HCL Software",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c3.0.9"
                }
              ]
            }
          ],
          "datePublic": "2024-09-26T14:38:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially Malicious Software or an Unrecognized Application."
                }
              ],
              "value": "The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially Malicious Software or an Unrecognized Application."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL."
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-09-26T14:50:36.754Z",
            "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
            "shortName": "HCL"
          },
          "references": [
            {
              "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0114723"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to an application modification vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
        "assignerShortName": "HCL",
        "cveId": "CVE-2024-30134",
        "datePublished": "2024-09-26T14:50:36.754Z",
        "dateReserved": "2024-03-22T23:57:23.590Z",
        "dateUpdated": "2024-09-26T15:23:46.684Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }