Vulnerabilities > CVE-2010-0275 - Security vulnerability in IBM Lotus Domino Web Access

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

ibm

critical

NVD

Published: 2010-01-09

Updated: 2017-08-17

Summary

Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Lotus Inotes 229.011 IBM Lotus Inotes 229.021 IBM Lotus Inotes 229.031 IBM Lotus Inotes 229.041 IBM Lotus Inotes 229.051 IBM Lotus Inotes 229.061 IBM Lotus Inotes 229.101 IBM Lotus Inotes 229.111 IBM Lotus Inotes 229.131 IBM Lotus Inotes 229.141 IBM Lotus Inotes 229.151 IBM Lotus Inotes 229.161 IBM Lotus Inotes 229.171 IBM Lotus Inotes 229.181 IBM Lotus Inotes 229.191 IBM Lotus Inotes 229.201 IBM Lotus Inotes 229.211 IBM Lotus Inotes 229.221 IBM Lotus Inotes - IBM Lotus Inotes 6.5.6.3 IBM Lotus Inotes 7.0.3.1 IBM Lotus Inotes 7.0.4.1 IBM Lotus Inotes 8.0.1.0 IBM Lotus Inotes 8.0.2.1 IBM Lotus Inotes 8.0.2.2 IBM Lotus Inotes 8.0.2.3 IBM Lotus Inotes 8.0.2.4 IBM Lotus Inotes 8.5.0.0 IBM Lotus Inotes 8.5.0.1 IBM Lotus Inotes 8.5.1.0 IBM Lotus Inotes 8.5.1.1 IBM Lotus Inotes 8.5.1.2 IBM Lotus Inotes 8.5.1.3 IBM Lotus Inotes 8.5.1.4 IBM Lotus Inotes 8.5.1.5 IBM Lotus Inotes 8.5.2.0 IBM Lotus Inotes 8.5.2.1 IBM Lotus Inotes 8.5.2.2 IBM Lotus Inotes 8.5.2.3 IBM Lotus Inotes 8.5.2.4 IBM Lotus Inotes 8.5.3.0 IBM Lotus Inotes 8.5.3.1 IBM Lotus Inotes 8.5.3.2 IBM Lotus Inotes 8.5.3.3 IBM Lotus Inotes 8.5.3.4 IBM Lotus Inotes 8.5.3.5 IBM Lotus Inotes 8.5.3.6 IBM Lotus Inotes 9.0.0.0 IBM Lotus Inotes 9.0.1.0 IBM Lotus Inotes 9.0.1.1 IBM Lotus Inotes 229.231 IBM Lotus Domino 8.0.2.3	52

Summary

Vulnerable Configurations

References