Lucene search

[email protected]CVE-2010-0275

HistoryJan 09, 2010 - 6:30 p.m.

CVE-2010-0275

2010-01-0918:30:01

[email protected]

web.nvd.nist.gov

ibm

lotus

inotes

ultra-light mode

cve-2010-0275

domino

web access

dwa

nvd

security

vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

JSON

Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.

Affected configurations

NVD

Node

ibmlotus_inotesRange≤229.231

ibmlotus_inotesMatch229.011

ibmlotus_inotesMatch229.021

ibmlotus_inotesMatch229.031

ibmlotus_inotesMatch229.041

ibmlotus_inotesMatch229.051

ibmlotus_inotesMatch229.061

ibmlotus_inotesMatch229.101

ibmlotus_inotesMatch229.111

ibmlotus_inotesMatch229.131

ibmlotus_inotesMatch229.141

ibmlotus_inotesMatch229.151

ibmlotus_inotesMatch229.161

ibmlotus_inotesMatch229.171

ibmlotus_inotesMatch229.181

ibmlotus_inotesMatch229.191

ibmlotus_inotesMatch229.201

ibmlotus_inotesMatch229.211

ibmlotus_inotesMatch229.221

AND

ibmlotus_dominoMatch8.0.2.3

CPENameOperatorVersion
ibm:lotus_inotesibm lotus inotesle229.231
ibm:lotus_inotesibm lotus inoteseq229.011
ibm:lotus_inotesibm lotus inoteseq229.021
ibm:lotus_inotesibm lotus inoteseq229.031
ibm:lotus_inotesibm lotus inoteseq229.041
ibm:lotus_inotesibm lotus inoteseq229.051
ibm:lotus_inotesibm lotus inoteseq229.061
ibm:lotus_inotesibm lotus inoteseq229.101
ibm:lotus_inotesibm lotus inoteseq229.111
ibm:lotus_inotesibm lotus inoteseq229.131

CPE	Name	Operator	Version
ibm:lotus_inotes	ibm lotus inotes	le	229.231
ibm:lotus_inotes	ibm lotus inotes	eq	229.011
ibm:lotus_inotes	ibm lotus inotes	eq	229.021
ibm:lotus_inotes	ibm lotus inotes	eq	229.031
ibm:lotus_inotes	ibm lotus inotes	eq	229.041
ibm:lotus_inotes	ibm lotus inotes	eq	229.051
ibm:lotus_inotes	ibm lotus inotes	eq	229.061
ibm:lotus_inotes	ibm lotus inotes	eq	229.101
ibm:lotus_inotes	ibm lotus inotes	eq	229.111
ibm:lotus_inotes	ibm lotus inotes	eq	229.131

Rows per page:

1-10 of 191

References

secunia.com/advisories/38026

www-01.ibm.com/support/docview.wss?uid=swg27017776

www.securityfocus.com/bid/37675

www.vupen.com/english/advisories/2010/0077

exchange.xforce.ibmcloud.com/vulnerabilities/55471

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

JSON

Related for CVE-2010-0275

cvelist1 prion1 nvd1