CVE-2010-2279

2022-10-0316:21:07

mitre

www.cve.org

ibm

lotus connections

homepage

update issue

ssl

remote attack vectors

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.1%

JSON

The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when “forced SSL” is enabled, uses http for links, which has unspecified impact and remote attack vectors.

References

secunia.com/advisories/40007

www-01.ibm.com/support/docview.wss?uid=swg21431472

www-1.ibm.com/support/docview.wss?uid=swg1LO48325

www.vupen.com/english/advisories/2010/1281