- Description
- The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A80A1E8B-43C8-449F-9B16-01F30D23E3D7"
}
],
"operator": "OR"
}
]
}
]