PT-2017-8885 · Ibm · Ibm Domino

Publicado

2017-06-07

·

Atualizado

2019-10-16

·

CVE-2016-6087

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions IBM Domino versions 8.5 through 9.0
Description The issue allows an attacker to steal credentials by utilizing multiple sessions and large amounts of data, exploiting the Domino TLS Key Exchange validation.
Recommendations For IBM Domino versions 8.5 through 9.0, consider restricting access to sensitive data and implementing additional security measures to prevent credential theft until a fix is available.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2016-6087

Produtos afetados

Ibm Domino