CVE-2007-0068 — IBM Lotus Domino vulnerability

3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

1.8%

top 17.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Domino

Timeline

PublishedJun 6

Latest updateMay 1

Description

IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/lotus_domino7.0, 7.0.1, 7.0.2+2

🔴Vulnerability Details

GHSA

GHSA-cwww-r96m-r246: IBM Lotus Domino 7↗2022-05-01

▶

CVEList

CVE-2007-0068: IBM Lotus Domino 7↗2007-06-06

▶