CVE-2010-1487

CWE-2553 documents3 sources
Severity
2.1LOW
EPSS
0.1%
top 82.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Notes
Timeline
PublishedApr 20
Latest updateMay 17

Description

IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDibm/lotus_notes7.0, 8.0, 8.5+2

🔴Vulnerability Details

2
GHSA
GHSA-w77g-rcmq-p35j: IBM Lotus Notes 72022-05-17
CVEList
CVE-2010-1487: IBM Lotus Notes 72010-04-20
CVE-2010-1487 (LOW CVSS 2.1) | IBM Lotus Notes 7.0 | cvebase.io