CVE-2008-7286

CWE-20Improper Input Validation3 documents3 sources
Severity
3.5LOW
EPSS
0.3%
top 43.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Quickr
Timeline
PublishedMar 22
Latest updateMay 17

Description

IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-25fm-gvgp-hcrp: IBM Lotus Quickr 82022-05-17
CVEList
CVE-2008-7286: IBM Lotus Quickr 82011-03-22
CVE-2008-7286 (LOW CVSS 3.5) | IBM Lotus Quickr 8.1 before 8.1.0.2 | cvebase.io