CVE-2010-4595 in Lotus Mobile Connectinfo

Summary

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote attackers to bypass intended access restrictions via an HTTP request that contains a disallowed User-Agent header.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

12/22/2010

Disclosure

12/22/2010

Moderation

VulDB entry created

Entries

VDB-55848 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

5.3

EPSS

0.00142

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-4595
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-4595
CVE Details	https://www.cvedetails.com/cve/CVE-2010-4595/

◂ Previous Overview Next ▸