Lucene search

[email protected]NVD:CVE-2011-1032

HistoryFeb 15, 2011 - 1:00 a.m.

CVE-2011-1032

2011-02-1501:00:01

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0.003

Percentile

69.0%

JSON

IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors.

Affected configurations

Nvd

Node

ibmlotus_connectionsMatch3.0

AND

ibmwebsphere_application_serverMatch7.0.0.11

VendorProductVersionCPE
ibmlotus_connections3.0cpe:2.3:a:ibm:lotus_connections:3.0:*:*:*:*:*:*:*
ibmwebsphere_application_server7.0.0.11cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_connections	3.0	cpe:2.3:a:ibm:lotus_connections:3.0:::::::*
ibm	websphere_application_server	7.0.0.11	cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:::::::*

References

osvdb.org/70931

secunia.com/advisories/43298

www-01.ibm.com/support/docview.wss?uid=swg1PK54565

www.ibm.com/support/docview.wss?uid=swg21462435

www.vupen.com/english/advisories/2011/0382

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0.003

Percentile

69.0%

JSON

Related for NVD:CVE-2011-1032

cve1 prion1 cvelist1