Lucene search

[email protected]NVD:CVE-2010-0921

HistoryMar 03, 2010 - 7:30 p.m.

CVE-2010-0921

2010-03-0319:30:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

44.9%

JSON

Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of “XSS/CSRF Get Filter and Referer Check fixes.”

Affected configurations

Nvd

Node

ibmlotus_inotesRange≤229.271

ibmlotus_inotesMatch229.011

ibmlotus_inotesMatch229.021

ibmlotus_inotesMatch229.031

ibmlotus_inotesMatch229.041

ibmlotus_inotesMatch229.051

ibmlotus_inotesMatch229.061

ibmlotus_inotesMatch229.101

ibmlotus_inotesMatch229.111

ibmlotus_inotesMatch229.131

ibmlotus_inotesMatch229.141

ibmlotus_inotesMatch229.151

ibmlotus_inotesMatch229.161

ibmlotus_inotesMatch229.171

ibmlotus_inotesMatch229.181

ibmlotus_inotesMatch229.191

ibmlotus_inotesMatch229.201

ibmlotus_inotesMatch229.211

ibmlotus_inotesMatch229.221

ibmlotus_inotesMatch229.231

ibmlotus_inotesMatch229.241

ibmlotus_inotesMatch229.251

ibmlotus_inotesMatch229.261

AND

ibmlotus_dominoMatch8.0.2.4

VendorProductVersionCPE
ibmlotus_inotes*cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*
ibmlotus_inotes229.011cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*
ibmlotus_inotes229.021cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*
ibmlotus_inotes229.031cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*
ibmlotus_inotes229.041cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*
ibmlotus_inotes229.051cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*
ibmlotus_inotes229.061cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*
ibmlotus_inotes229.101cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*
ibmlotus_inotes229.111cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*
ibmlotus_inotes229.131cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_inotes	*	cpe:2.3:a:ibm:lotus_inotes::::::::
ibm	lotus_inotes	229.011	cpe:2.3:a:ibm:lotus_inotes:229.011:::::::*
ibm	lotus_inotes	229.021	cpe:2.3:a:ibm:lotus_inotes:229.021:::::::*
ibm	lotus_inotes	229.031	cpe:2.3:a:ibm:lotus_inotes:229.031:::::::*
ibm	lotus_inotes	229.041	cpe:2.3:a:ibm:lotus_inotes:229.041:::::::*
ibm	lotus_inotes	229.051	cpe:2.3:a:ibm:lotus_inotes:229.051:::::::*
ibm	lotus_inotes	229.061	cpe:2.3:a:ibm:lotus_inotes:229.061:::::::*
ibm	lotus_inotes	229.101	cpe:2.3:a:ibm:lotus_inotes:229.101:::::::*
ibm	lotus_inotes	229.111	cpe:2.3:a:ibm:lotus_inotes:229.111:::::::*
ibm	lotus_inotes	229.131	cpe:2.3:a:ibm:lotus_inotes:229.131:::::::*

Rows per page:

1-10 of 241

References

www-01.ibm.com/support/docview.wss?uid=swg27018109

www.securityfocus.com/bid/38459

www.vupen.com/english/advisories/2010/0496

exchange.xforce.ibmcloud.com/vulnerabilities/56556

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.001

Percentile

44.9%

JSON

Related for NVD:CVE-2010-0921

prion1 cvelist1 cve1