CVE-2013-0487Improper Authentication in IBM Lotus Domino

CWE-287Improper Authentication3 documents3 sources
Severity
8.5HIGHNVD
EPSS
0.6%
top 30.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Domino
Timeline
PublishedMar 27
Latest updateMay 5

Description

The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 6.8 | Impact: 10.0

Affected Packages1 packages

NVDibm/lotus_domino16 versions+15

🔴Vulnerability Details

2
GHSA
GHSA-4c4c-jrm5-x8x5: The Java Console in IBM Domino 82022-05-05
CVEList
CVE-2013-0487: The Java Console in IBM Domino 82013-03-27
CVE-2013-0487 — Improper Authentication in IBM | cvebase