CVE-2010-2279

2022-10-0316:21:07

mitre

www.cve.org

ibm

lotus connections

homepage

update issue

ssl

remote attack vectors

AI Score

6.5

Confidence

Low

EPSS

0.002

Percentile

60.1%

JSON

The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when “forced SSL” is enabled, uses http for links, which has unspecified impact and remote attack vectors.

References

secunia.com/advisories/40007

www-01.ibm.com/support/docview.wss?uid=swg21431472

www-1.ibm.com/support/docview.wss?uid=swg1LO48325

www.vupen.com/english/advisories/2010/1281