CVE-2002-0037

3 documents3 sources
Severity
7.5HIGH
EPSS
0.4%
top 36.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Domino Server
Timeline
PublishedApr 22
Latest updateApr 30

Description

Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDibm/lotus_domino_server4.5, 4.6, 5+2

🔴Vulnerability Details

2
GHSA
GHSA-w4q4-x7m7-mhhx: Lotus Domino Servers 52022-04-30
CVEList
CVE-2002-0037: Lotus Domino Servers 52002-04-12
CVE-2002-0037 (HIGH CVSS 7.5) | Lotus Domino Servers 5.x | cvebase.io