CVE-2005-2454

CWE-2643 documents3 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 77.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Notes
Timeline
PublishedDec 31
Latest updateMay 1

Description

IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

NVDibm/lotus_notes4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-qw8h-qrwc-x49w: IBM Lotus Notes 62022-05-01
CVEList
CVE-2005-2454: IBM Lotus Notes 62006-10-18
CVE-2005-2454 (MEDIUM CVSS 4.6) | IBM Lotus Notes 6.5.4 and 6.5.5 | cvebase.io