CVE-2003-0181 — IBM Lotus Domino WEB Server vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

2.8%

top 13.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Domino WEB Server

Timeline

PublishedApr 2

Latest updateApr 29

Description

Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/lotus_domino_web_server6.0

Patches

Patch: www.cert.org ↗Patch: www.nextgenss.com ↗Patch: www.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-q68v-jwjp-qxf5: Lotus Domino Web Server (nhttp↗2022-04-29

▶

CVEList

CVE-2003-0181: Lotus Domino Web Server (nhttp↗2003-03-29

▶