Lucene search
MitreCVE-2008-4807HistoryOct 31, 2008 - 6:09 p.m.
CVE-2008-4807
2008-10-3118:09:08
CWE-255
mitre
web.nvd.nist.gov
30
ibm
lotus connections
password storage
sensitive information disclosure
security vulnerability
nvd
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.8
Confidence
Low
EPSS
0
Percentile
5.1%
IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected configurations
Node
ibmlotus_connectionsRange≤2.0
ORibmlotus_connectionsMatch1.0.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_connections | * | cpe:2.3:a:ibm:lotus_connections:*:*:*:*:*:*:*:* |
| ibm | lotus_connections | 1.0.2 | cpe:2.3:a:ibm:lotus_connections:1.0.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-4807
2008-10-31 17:18:00
prion
prion
Information disclosure
2008-10-31 18:09:00
nvd
nvd
CVE-2008-4807
2008-10-31 18:09:08
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.8
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2008-4807