CVE-2006-5835

3 documents3 sources
Severity
5.0MEDIUM
EPSS
2.5%
top 14.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Notes
Timeline
PublishedNov 10
Latest updateMay 1

Description

The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/lotus_notes16 versions+15

Patches

Patch: secunia.comPatch: www-1.ibm.comPatch: secunia.com

🔴Vulnerability Details

2
GHSA
GHSA-26m3-ccwr-9974: The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 62022-05-01
CVEList
CVE-2006-5835: The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 62006-11-10
CVE-2006-5835 (MEDIUM CVSS 5) | The Notes Remote Procedure Call (NR | cvebase.io