CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-0191

The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.5%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.ibm.com/support/docview.wss?uid=swg21575642
https://exchange.xforce.ibmcloud.com/vulnerabilities/72156
http://www.ibm.com/support/docview.wss?uid=swg21575642
https://exchange.xforce.ibmcloud.com/vulnerabilities/72156

Products affected by CVE-2012-0191

Ibm » Lotus Expeditor » Version: 6.1

cpe:2.3:a:ibm:lotus_expeditor:6.1
Ibm » Lotus Expeditor » Version: 6.1.1

cpe:2.3:a:ibm:lotus_expeditor:6.1.1
Ibm » Lotus Expeditor » Version: 6.2

cpe:2.3:a:ibm:lotus_expeditor:6.2
Ibm » Lotus Expeditor » Version: 6.2.1

cpe:2.3:a:ibm:lotus_expeditor:6.2.1
Ibm » Lotus Expeditor » Version: 6.2.2

cpe:2.3:a:ibm:lotus_expeditor:6.2.2
Ibm » Lotus Expeditor » Version: 6.2.3

cpe:2.3:a:ibm:lotus_expeditor:6.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0191

Products

Pricing

Contact Us