Lucene search
HistoryApr 20, 2010 - 3:30 p.m.
CVE-2010-1487
ibm
lotus notes
security
vulnerability
credentials
cleartext
surunas.exe
nvd
6.3 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm:lotus_notes | ibm lotus notes | eq | 8.5 |
| ibm:lotus_notes | ibm lotus notes | eq | 7.0 |
| ibm:lotus_notes | ibm lotus notes | eq | 8.0 |
6.3 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2010-1487