Описание
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 6.1.3 (включая)
Одно из
cpe:2.3:a:ibm:lotus_mobile_connect:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_mobile_connect:6.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_mobile_connect:6.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_mobile_connect:6.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00406
Низкий
4 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
больше 3 лет назад
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices.
EPSS
Процентиль: 61%
0.00406
Низкий
4 Medium
CVSS2
Дефекты
CWE-399