Lucene search

MitreCVE-2011-1032

HistoryFeb 15, 2011 - 1:00 a.m.

CVE-2011-1032

2011-02-1501:00:01

CWE-264

mitre

web.nvd.nist.gov

ibm

lotus connections

websphere

application server

security vulnerability

cve-2011-1032

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

0.003

Percentile

69.0%

JSON

IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors.

Affected configurations

Nvd

Node

ibmlotus_connectionsMatch3.0

AND

ibmwebsphere_application_serverMatch7.0.0.11

VendorProductVersionCPE
ibmlotus_connections3.0cpe:2.3:a:ibm:lotus_connections:3.0:*:*:*:*:*:*:*
ibmwebsphere_application_server7.0.0.11cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_connections	3.0	cpe:2.3:a:ibm:lotus_connections:3.0:::::::*
ibm	websphere_application_server	7.0.0.11	cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:::::::*

References

osvdb.org/70931

secunia.com/advisories/43298

www-01.ibm.com/support/docview.wss?uid=swg1PK54565

www.ibm.com/support/docview.wss?uid=swg21462435

www.vupen.com/english/advisories/2011/0382

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

0.003

Percentile

69.0%

JSON

Related for CVE-2011-1032