CVE-2011-1370
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message.
La configuración por defecto del servlet de configuración de Sametime (SCS) del servidor de IBM Lotus Sametime 7.0 hasta la versión 8.5.2 no habilita el requisito de autenticación, lo que permite a atacantes remotos leer las opciones de configuración examinando un mensaje de respuesta.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-03-10 CVE Reserved
- 2011-10-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-16: Configuration
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21569452 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/70923 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 7.0 Search vendor "Ibm" for product "Lotus Sametime" and version "7.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 7.5 Search vendor "Ibm" for product "Lotus Sametime" and version "7.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 7.5.0.1 Search vendor "Ibm" for product "Lotus Sametime" and version "7.5.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 7.5.1 Search vendor "Ibm" for product "Lotus Sametime" and version "7.5.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 7.5.1.1 Search vendor "Ibm" for product "Lotus Sametime" and version "7.5.1.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 7.5.1.2 Search vendor "Ibm" for product "Lotus Sametime" and version "7.5.1.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 8.0 Search vendor "Ibm" for product "Lotus Sametime" and version "8.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 8.0.1 Search vendor "Ibm" for product "Lotus Sametime" and version "8.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 8.0.2 Search vendor "Ibm" for product "Lotus Sametime" and version "8.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 8.5 Search vendor "Ibm" for product "Lotus Sametime" and version "8.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 8.5.1 Search vendor "Ibm" for product "Lotus Sametime" and version "8.5.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Sametime Search vendor "Ibm" for product "Lotus Sametime" | 8.5.2 Search vendor "Ibm" for product "Lotus Sametime" and version "8.5.2" | - |
Affected
| ||||||