CVE-2013-0487 — HIGH (8.5) — White Hats Nepal

Vulnerability Description

The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN.

CVSS Score

8.5

HIGH

AV:N/AC:M/Au:S/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Ibm	Lotus Domino	8.5.0

Related Weaknesses (CWE)

CWE-287

References

http://www-01.ibm.com/support/docview.wss?uid=swg21627597Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/81852
http://www-01.ibm.com/support/docview.wss?uid=swg21627597Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/81852

FAQ

What is CVE-2013-0487?

CVE-2013-0487 is a vulnerability with a CVSS score of 8.5 (HIGH). The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN.

How severe is CVE-2013-0487?

CVE-2013-0487 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-0487?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Domino.