Vulnerability Description
IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Connections | <= 2.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32466Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg27014008
- http://www.securityfocus.com/bid/31989
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46213
- http://secunia.com/advisories/32466Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg27014008
- http://www.securityfocus.com/bid/31989
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46213
FAQ
What is CVE-2008-4807?
CVE-2008-4807 is a vulnerability with a CVSS score of 2.1 (LOW). IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the ...
How severe is CVE-2008-4807?
CVE-2008-4807 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-4807?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Connections.