Description
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service.  Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.
Published: 2026-06-27
Score: 7.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

HCL Traveler for Microsoft Outlook (HTMO) can be compromised because it depends on the .NET Framework 4.5, which is no longer supported and does not receive security updates. The lack of patch coverage permits known third‑party weaknesses to affect the application, creating a risk to confidentiality, integrity, and availability. The identified weakness is CWE‑1104, and the CVSS score of 7.7 classifies it as a high‑severity issue requiring attention.

Affected Systems

The affected product is HCLSoftware Traveler for Microsoft Outlook. No specific build or minor version was listed, so any installation that relies on .NET Framework 4.5 could be impacted.

Risk and Exploitability

The CVSS value of 7.7 indicates substantial risk, while the EPSS score is unavailable and the vulnerability is not listed in CISA’s KEV catalog. Attack vectors likely involve interaction with the HTMO component in environments where the legacy .NET framework is present; exploitation would probably occur through the application’s use of vulnerable third‑party components, potentially leading to unauthorized data access or program behavior changes.

Generated by OpenCVE AI on June 27, 2026 at 03:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade HCL Traveler to a release compatible with a supported .NET Framework (e.g., 4.6 or higher).
  • Apply any vendor patches or updates released by HCL Software for HTMO to address the dependence on the unsupported framework.
  • If an upgrade is not feasible, isolate the HTMO installation in a segregated environment or disable features that rely on .NET 4.5 until a supported version is deployed.

Generated by OpenCVE AI on June 27, 2026 at 03:40 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 29 Jun 2026 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Hcltech
Hcltech traveler For Microsoft Outlook
Vendors & Products Hcltech
Hcltech traveler For Microsoft Outlook

Mon, 29 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sat, 27 Jun 2026 02:00:00 +0000

Type Values Removed Values Added
Description HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service.  Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.
Title HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service
Weaknesses CWE-1104
References
Metrics cvssV3_1

{'score': 7.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}


Subscriptions

Hcltech Traveler For Microsoft Outlook
cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published:

Updated: 2026-06-29T13:21:14.982Z

Reserved: 2023-07-06T16:12:30.393Z

Link: CVE-2023-37524

cve-icon Vulnrichment

Updated: 2026-06-29T13:21:10.651Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-29T19:45:02Z

Weaknesses
  • CWE-1104

    Use of Unmaintained Third Party Components