CVE-2013-0536 — IBM Lotus Notes vulnerability

CWE-2643 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 84.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Inotes IBM Lotus Notes IBM Lotus Notes Traveler

Timeline

PublishedJun 21

Latest updateMay 5

Description

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶NVDibm/lotus_notes5 versions+4

▶NVDibm/lotus_inotes8.5.2.0, 8.5.3.0+1

▶NVDibm/lotus_notes_traveler9.0

🔴Vulnerability Details

GHSA

GHSA-xwg7-27f3-h3r6: ntmulti↗2022-05-05

▶

CVEList

CVE-2013-0536: ntmulti↗2013-06-21

▶