CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5308

Cross-site request forgery (CSRF) vulnerability in servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 allows remote attackers to hijack the authentication of arbitrary users for requests that create problem reports via a getReportProblem upload action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.9%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2012-5308

Ibm » Lotus Notes Traveler » Version: 8.5.0.0

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0
Ibm » Lotus Notes Traveler » Version: 8.5.0.1

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1
Ibm » Lotus Notes Traveler » Version: 8.5.0.2

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2
Ibm » Lotus Notes Traveler » Version: 8.5.1.1

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1
Ibm » Lotus Notes Traveler » Version: 8.5.1.2

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2
Ibm » Lotus Notes Traveler » Version: 8.5.1.3

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3
Ibm » Lotus Notes Traveler » Version: 8.5.2.1

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1
Ibm » Lotus Notes Traveler » Version: 8.5.3

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3
Ibm » Lotus Notes Traveler » Version: 8.5.3.1

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1
Ibm » Lotus Notes Traveler » Version: 8.5.3.2

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2
Ibm » Lotus Notes Traveler » Version: 8.5.3.3

cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5308

Products

Pricing

Contact Us