CVE Vulnerabilities

CVE-2010-4593

Published: Dec 22, 2010 | Modified: Jan 11, 2011
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices.

Affected Software

Name Vendor Start Version End Version
Lotus_mobile_connect Ibm 6.1.1.1 6.1.1.1
Lotus_mobile_connect Ibm 6.1.1 6.1.1
Lotus_mobile_connect Ibm * 6.1.3
Lotus_mobile_connect Ibm 6.1.2 6.1.2

References