ID |
CVE-2013-0534
|
Summary |
The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within process memory. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:ibm:lotus_sametime:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_sametime:8.5.1:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:lotus_sametime:8.5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_sametime:8.5.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:lotus_sametime:8.5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_sametime:8.5.1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:lotus_sametime:8.5.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_sametime:8.5.2:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:lotus_sametime:8.5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_sametime:8.5.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:sametime:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sametime:8.5.1:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:sametime:8.5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sametime:8.5.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:sametime:8.5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sametime:8.5.1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:sametime:8.5.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sametime:8.5.2:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:sametime:8.5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sametime:8.5.2.1:*:*:*:*:*:*:*
|
CVSS |
Base: | 1.9 (as of 29-08-2017 - 01:33) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-255 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:L/AC:M/Au:N/C:P/I:N/A:N
|
refmap
via4
|
|
Last major update |
29-08-2017 - 01:33 |
Published |
21-06-2013 - 14:55 |
Last modified |
29-08-2017 - 01:33 |