CVE-2010-4547

IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain environment is used, does not properly apply policy documents to mobile users from a different Domino domain than the Traveler server, which allows remote authenticated users to bypass intended access restrictions by using credentials from a different domain.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
ibmlotus_notes_traveler
𝑥
≤ 8.5.1.2
ibmlotus_notes_traveler
8.0
ibmlotus_notes_traveler
8.0.1
ibmlotus_notes_traveler
8.0.1.2
ibmlotus_notes_traveler
8.0.1.3
ibmlotus_notes_traveler
8.5.0.0
ibmlotus_notes_traveler
8.5.0.1
ibmlotus_notes_traveler
8.5.0.2
ibmlotus_notes_traveler
8.5.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-1.ibm.com/support/docview.wss?uid=swg1LO49967
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Release_Notes
http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument
http://www-1.ibm.com/support/docview.wss?uid=swg1LO49967
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Release_Notes
http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument