CVE-2010-2279

{"id": "CVE-2010-2279", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-06-15T14:30:01.670", "references": [{"url": "http://secunia.com/advisories/40007", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21431472", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LO48325", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/1281", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/40007", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21431472", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LO48325", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2010/1281", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when \"forced SSL\" is enabled, uses http for links, which has unspecified impact and remote attack vectors."}, {"lang": "es", "value": "La implementaci\u00f3n Top Updates del componente Homepage de IBM Lotus Connections v2.5.x anterior a v2.5.0.2, cuando est\u00e1 habilitado \"forced SSL\", utiliza http para los enlaces, esto tiene un impacto y vectores de ataque desconocidos."}], "lastModified": "2024-11-21T01:16:18.530", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_connections:2.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C158C61A-ADC7-410D-93D1-25F594B089B0"}, {"criteria": "cpe:2.3:a:ibm:lotus_connections:2.5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F331AFF-4A81-4131-A310-E71B51157EC0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}