[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97545

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-4807

Date: (C)2008-10-31   (M)2017-08-08
 
CVSS Score: 2.1Access Vector: LOCAL
Exploitability Subscore: 3.9Access Complexity: LOW
Impact Subscore: 2.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: NONE
 Availability: NONE











IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Reference:
BID-31989
SECUNIA-32466
lotus-connections-tracelog-info-disclosure(46213)

CWE    1
CWE-255

© 2013 SecPod Technologies