CVE-2024-30133

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0114725	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hcltech:traveler_for_microsoft_outlook:*:*:*:*:*:*:*:*

History

30 Oct 2025, 18:05

Type	Values Removed	Values Added
References	~~() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0114725 -~~	() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0114725 - Vendor Advisory
CPE		cpe:2.3:a:hcltech:traveler_for_microsoft_outlook::::::::
First Time		Hcltech Hcltech traveler For Microsoft Outlook

Information

Published : 2024-11-12 17:15

Updated : 2025-10-30 18:05

NVD link : CVE-2024-30133

Mitre link : CVE-2024-30133

CVE.ORG link : CVE-2024-30133

JSON object : View

Products Affected

hcltech

traveler_for_microsoft_outlook

CWE

CWE-670

Always-Incorrect Control Flow Implementation

{"id": "CVE-2024-30133", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-11-12T17:15:07.590", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0114725", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-670"}]}], "descriptions": [{"lang": "en", "value": "HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a control flow vulnerability. The application does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways."}, {"lang": "es", "value": "HCL Traveler para Microsoft Outlook (HTMO) es susceptible a una vulnerabilidad de flujo de control. La aplicaci\u00f3n no gestiona de forma adecuada su flujo de control durante la ejecuci\u00f3n, lo que crea condiciones en las que el flujo de control puede modificarse de forma inesperada."}], "lastModified": "2025-10-30T18:05:09.860", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:traveler_for_microsoft_outlook:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BE11390-97F2-4270-BE7D-CF42676DFC59", "versionEndExcluding": "3.0.11"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}