CVE-2013-0522 — Sensitive Information Exposure in IBM Lotus Notes

CWE-200 — Sensitive Information Exposure4 documents4 sources
Severity
7.0HIGHNVD
EPSS
0.0%
top 87.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Notes
Timeline
PublishedJul 16
Latest updateMay 5

Description

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages1 packages

â–¶NVDibm/lotus_notes8 versions+7

🔴Vulnerability Details

2
GHSA
GHSA-c6p4-3xgv-xp74: The Notes Client Single Logon feature in IBM Notes 8↗2022-05-05
â–¶
CVEList
CVE-2013-0522: The Notes Client Single Logon feature in IBM Notes 8↗2018-07-16
â–¶

💬Community

1
Bugzilla
CVE-2011-4355 gdb: object file .debug_gdb_scripts section improper input validation↗2011-05-09
â–¶
CVE-2013-0522 — Sensitive Information Exposure in IBM | cvebase