Lucene search

[email protected]NVD:CVE-2008-4807

HistoryOct 31, 2008 - 6:09 p.m.

CVE-2008-4807

2008-10-3118:09:08

CWE-255

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

ibmlotus_connectionsRange≤2.0

ibmlotus_connectionsMatch1.0.2

VendorProductVersionCPE
ibmlotus_connections*cpe:2.3:a:ibm:lotus_connections:*:*:*:*:*:*:*:*
ibmlotus_connections1.0.2cpe:2.3:a:ibm:lotus_connections:1.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_connections	*	cpe:2.3:a:ibm:lotus_connections::::::::
ibm	lotus_connections	1.0.2	cpe:2.3:a:ibm:lotus_connections:1.0.2:::::::*

References

secunia.com/advisories/32466

www-01.ibm.com/support/docview.wss?uid=swg27014008

www.securityfocus.com/bid/31989

exchange.xforce.ibmcloud.com/vulnerabilities/46213

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2008-4807

cvelist1 prion1 cve1