CVE Vulnerabilities

CVE-2012-0191

Published: Jun 22, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers.

Affected Software

Name Vendor Start Version End Version
Lotus_expeditor Ibm 6.1.1 6.1.1
Lotus_expeditor Ibm 6.2.3 6.2.3
Lotus_expeditor Ibm 6.1 6.1
Lotus_expeditor Ibm 6.2 6.2
Lotus_expeditor Ibm 6.2.1 6.2.1
Lotus_expeditor Ibm 6.2.2 6.2.2

References