Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Lotus Mobile Connect Security Vulnerabilities

cve
cve

CVE-2010-4590

Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.7AI Score

0.002EPSS

2010-12-22 09:00 PM
24
cve
cve

CVE-2010-4591

The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a...

6.4AI Score

0.0004EPSS

2010-12-22 09:00 PM
23
cve
cve

CVE-2010-4592

The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote attackers to cause a denial of service (me...

6.7AI Score

0.008EPSS

2010-12-22 09:00 PM
29
cve
cve

CVE-2010-4593

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devi...

6.2AI Score

0.003EPSS

2010-12-22 09:00 PM
24
cve
cve

CVE-2010-4594

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote attackers to cause a denial of service (memory consumption and HTTP-AS hang) by making many connection requests tha...

6.7AI Score

0.003EPSS

2010-12-22 09:00 PM
25
cve
cve

CVE-2010-4595

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote attackers to bypass intended access restrictions via an HTTP request that contains a disallowed User-Agent header.

6.7AI Score

0.002EPSS

2010-12-22 09:00 PM
24
cve
cve

CVE-2011-4465

Cross-site scripting (XSS) vulnerability in IBM Lotus Mobile Connect (LMC) 6.1.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to a hidden redirect URL.

5.6AI Score

0.002EPSS

2011-11-19 03:58 AM
22