The vulnerability causes HCL Traveler for Microsoft Outlook libraries to be flagged as malicious or unrecognized software. This misclassification can lead to Outlook disabling or refusing to load the Traveler add‑in, effectively denying users the ability to access email, calendar, or other productivity features. The flaw stems from an inappropriate restriction of functionality, as catalogued by CWE-1104. No direct data‑compromise, code‑execution, or persistence is described, but the loss of functionality constitutes a significant impact on availability for affected users.

Products affected are HCLSoftware Traveler for Microsoft Outlook. No specific version details were supplied, so the entire product line is considered at risk.

The CVSS score of 6.7 indicates a moderate risk. The EPSS score is not reported, and the vulnerability is not listed in CISA KEV, suggesting there is no known active exploitation. The likely attack vector is a local or remote user triggering the Outlook application to load the Traveler libraries, which will then be blocked by the operating system or antivirus. Without an exploit, the primary risk is denial of service to legitimate users rather than direct compromise. The vulnerability will only affect systems that have the Traveler add‑in installed and rely on it for Outlook integration.