Notes/Domino Fix List
SPR # KEMG6T7HEXFixed in 6.5.6; 7.0.2 FP1; 7.0.3 releaseSecurity fix



Product Area: Server Technical Area: Mail Server Platform: Cross Platform

Lotus Customer Support APAR: LO23279

SPR# KEMG6T7HEX - Fixed a potential security issue. See technote #1257028 for more details.

Technote Number: 1257028

Problem:
This issue was reported to Quality Engineering as SPR# KEMG6T7HEX, and has been
fixed in Lotus Domino 6.5.5 Fix Pack 3 (FP3), Domino 6.5.6, and Domino 7.0.2
Fix Pack 1 (FP1).

Assessing this vulnerability using the Common Vulnerability Scoring System
(CVSS):
CVSS Base Score: 5
CVSS Temporal Score: 3.9
CVSS Environmental Score: Undefined*
Overall CVSS Score: 3.9

*The CVSS Environment Score is customer environment specific and will
ultimately impact the Overall Score. Customers can evaluate the impact of
this vulnerability in their environments by accessing the referenced links
below.

Base Score Metrics:
Related exploit range/Attack Vector: Remote
Attack Complexity: Low
Level of Authentication Needed: Not Required
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Complete
Impact Value Weighting: Weight Availability

Temporal Score Metrics:
Availability of Exploit: Proof of concept code
Type of Fix available: Official fix
Level of verification that vulnerability exists: Confirmed

References:
Complete CVSS Guide:
http://www.first.org/cvss/cvss-guide.html

Online Calculator:
http://nvd.nist.gov/cvss.cfm?calculator
More >



Last Modified on 12/08/2013

Go back