Description
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service.  Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.
Published: 2026-06-27
Score: 7.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

HCL Traveler for Microsoft Outlook (HTMO) can be compromised because it depends on the .NET Framework 4.5, which is no longer supported and does not receive security updates. The lack of patch coverage permits known third‑party weaknesses to affect the application, creating a risk to confidentiality, integrity, and availability. The identified weakness is CWE‑1104, and the CVSS score of 7.7 classifies it as a high‑severity issue requiring attention.

Affected Systems

The affected product is HCLSoftware Traveler for Microsoft Outlook. No specific build or minor version was listed, so any installation that relies on .NET Framework 4.5 could be impacted.

Risk and Exploitability

The CVSS value of 7.7 indicates substantial risk, while the EPSS score is unavailable and the vulnerability is not listed in CISA’s KEV catalog. Attack vectors likely involve interaction with the HTMO component in environments where the legacy .NET framework is present; exploitation would probably occur through the application’s use of vulnerable third‑party components, potentially leading to unauthorized data access or program behavior changes.

Generated by OpenCVE AI on June 27, 2026 at 03:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade HCL Traveler to a release compatible with a supported .NET Framework (e.g., 4.6 or higher).
  • Apply any vendor patches or updates released by HCL Software for HTMO to address the dependence on the unsupported framework.
  • If an upgrade is not feasible, isolate the HTMO installation in a segregated environment or disable features that rely on .NET 4.5 until a supported version is deployed.

Generated by OpenCVE AI on June 27, 2026 at 03:40 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 27 Jun 2026 02:00:00 +0000

Type Values Removed Values Added
Description HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service.  Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerable third-party components.
Title HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service
Weaknesses CWE-1104
References
Metrics cvssV3_1

{'score': 7.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published:

Updated: 2026-06-27T01:30:26.731Z

Reserved: 2023-07-06T16:12:30.393Z

Link: CVE-2023-37524

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-27T03:45:10Z

Weaknesses
  • CWE-1104

    Use of Unmaintained Third Party Components