Lucene search

Kaspersky LabKLA10200

HistoryMay 08, 2014 - 12:00 a.m.

KLA10200 CI vulnerability in IBM

2014-05-0800:00:00

Kaspersky Lab

threats.kaspersky.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.1%

JSON

An XSS vulnerability was found in IBM products. By exploiting this vulnerability malicious users can inject web script. This vulnerability can be exploited remotely via a specially designed e-mail.

Original advisories

Related products

IBM-Notes

IBM-Domino

CVE list

CVE-2014-0913 warning

Solution

Update to latest version

Impacts

Code injection. Exploitation of vulnerabilities with this impact can lead to changes in target code.

Affected Products

IBM NotesDomino version 8.5.3.6 IF1 and earlierIBM NotesDomino version 9.0.1.0

References

statistics.securelist.com/

threats.kaspersky.com/en/product/IBM-Domino/

threats.kaspersky.com/en/product/IBM-Notes/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.1%

JSON

Related for KLA10200