Lucene search

K
cve[email protected]CVE-2010-0275
HistoryJan 09, 2010 - 6:30 p.m.

CVE-2010-0275

2010-01-0918:30:01
web.nvd.nist.gov
20
ibm
lotus
inotes
ultra-light mode
cve-2010-0275
domino
web access
dwa
nvd
security
vulnerability

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

69.6%

Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.

Affected configurations

NVD
Node
ibmlotus_inotesRange229.231
OR
ibmlotus_inotesMatch229.011
OR
ibmlotus_inotesMatch229.021
OR
ibmlotus_inotesMatch229.031
OR
ibmlotus_inotesMatch229.041
OR
ibmlotus_inotesMatch229.051
OR
ibmlotus_inotesMatch229.061
OR
ibmlotus_inotesMatch229.101
OR
ibmlotus_inotesMatch229.111
OR
ibmlotus_inotesMatch229.131
OR
ibmlotus_inotesMatch229.141
OR
ibmlotus_inotesMatch229.151
OR
ibmlotus_inotesMatch229.161
OR
ibmlotus_inotesMatch229.171
OR
ibmlotus_inotesMatch229.181
OR
ibmlotus_inotesMatch229.191
OR
ibmlotus_inotesMatch229.201
OR
ibmlotus_inotesMatch229.211
OR
ibmlotus_inotesMatch229.221
AND
ibmlotus_dominoMatch8.0.2.3
VendorProductVersionCPE
ibmlotus_inotes229.111cpe:/a:ibm:lotus_inotes:229.111:::
ibmlotus_inotes229.221cpe:/a:ibm:lotus_inotes:229.221:::
ibmlotus_inotes229.041cpe:/a:ibm:lotus_inotes:229.041:::
ibmlotus_inotes229.191cpe:/a:ibm:lotus_inotes:229.191:::
ibmlotus_inotes229.141cpe:/a:ibm:lotus_inotes:229.141:::
ibmlotus_inotes229.211cpe:/a:ibm:lotus_inotes:229.211:::
ibmlotus_inotes229.201cpe:/a:ibm:lotus_inotes:229.201:::
ibmlotus_inotes229.031cpe:/a:ibm:lotus_inotes:229.031:::
ibmlotus_inotes229.181cpe:/a:ibm:lotus_inotes:229.181:::
ibmlotus_inotes229.061cpe:/a:ibm:lotus_inotes:229.061:::
Rows per page:
1-10 of 191

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

69.6%

Related for CVE-2010-0275