7.6
CVE-2010-2279
- EPSS 1.27%
- Veröffentlicht 15.06.2010 14:30:01
- Zuletzt bearbeitet 16.06.2026 23:20:27
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when "forced SSL" is enabled, uses http for links, which has unspecified impact and remote attack vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Lotus Connections Version2.5.0
Ibm ≫ Lotus Connections Version2.5.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.27% | 0.659 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.6 | 4.9 | 10 |
AV:N/AC:H/Au:N/C:C/I:C/A:C
|
http://secunia.com/advisories/40007
http://www-01.ibm.com/support/docview.wss?uid=swg21431472
http://www.vupen.com/english/advisories/2010/1281
http://www-1.ibm.com/support/docview.wss?uid=swg1LO48325