Summary
The host has IBM Lotus Domino installed and is prone to a cross-site scripting vulnerability.
Impact
Successful exploitation will allow remote authenticated users to hijack the authentication of unspecified victims.
Impact Level: Application
Solution
No solution or patch was made available since disclosure of this vulnerability.
Likely none will be provided anymore as the product is discontinued. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
The flaw is in the webadmin.nsf file in Domino Web Administrator, which fails to validate user-supplied input properly.
Affected
IBM Lotus Domino 8.5 and 9.0
Detection
Get the installed version with the help of the detect NVT and check whether the version is vulnerable.
References
Severity
Classification
- CVE: CVE-2013-4050, CVE-2013-4051, CVE-2013-4055
CVSS Base Score: 6.0
AV:N/AC:M/Au:S/C:P/I:P/A:P