Vulnerability Name: | CVE-2002-1010 (CCN-10386) | ||||||||
Assigned: | 2002-07-03 | ||||||||
Published: | 2002-07-03 | ||||||||
Updated: | 2008-09-05 | ||||||||
Summary: | Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers. | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Bypass Security | ||||||||
References: | Source: CCN Type: VulnWatch Mailing List, Wed Jul 03 2002 - 00:19:52 CDT Lotus Domino R4 Web Server -- File Retreival Vulnerability Source: VULNWATCH Type: Vendor Advisory 20020703 [VulnWatch] Lotus Domino R4 File Retrieval Vulnerability... Source: MITRE Type: CNA CVE-2002-1010 Source: CCN Type: IBM Web site IBM Lotus Software - Notes and Domino Source: CCN Type: OSVDB ID: 10822 IBM Lotus Domino Question Mark HTTP Request Web Handler Bypass Source: XF Type: UNKNOWN lotus-domino-url-bypass(10386) | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
BACK |