NVD

Id
8319  
Name
CVE-2011-1370  
Description
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-07  
Published
2011-10-29  
Modified Date
2012-03-27  
Seq
2011-1370  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
47702 8319 CVE-2011-1370 http://www-01.ibm.com/support/docview.wss?uid=swg21569452  View
47703 8319 CVE-2011-1370 lotussametime-configserv-info-disclosure(70923)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
32467 JVNDB-2011-002707 IBM Lotus Sametime における構成設定の情報を読まれる脆弱性 IBM Lotus Sametime サーバの Sametime configuration servlet (SCS) のデフォルト設定は、認証要求を可能にしないため、構成設定の情報を読まれる脆弱性が存在します。 CVE-2011-1370 49277 CVE-2011-1370 8319 5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-002707.html 2011-10-29 2011-11-07 View