exploitDog

CVE-2010-4592

Опубликовано: 22 дек. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) by making many TCP connection attempts.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:lotus_mobile_connect:*:*:*:*:*:*:*:*

Версия до 6.1.3 (включая)

cpe:2.3:a:ibm:lotus_mobile_connect:6.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_mobile_connect:6.1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:lotus_mobile_connect:6.1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00603

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

GHSA-9q23-65gx-4jw8

github

больше 3 лет назад

The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) by making many TCP connection attempts.

EPSS

Процентиль: 69%

0.00603

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-399