Token Management Flaw in IBM Lotus Mobile Connect
CVE-2010-4591

Currently unrated

Key Information:

Vendor

IBM
Status
Lotus Mobile Connect
Vendor
CVE Published:
22 December 2010

What is CVE-2010-4591?

The Connection Manager in IBM Lotus Mobile Connect prior to version 6.1.4 contains a significant security flaw where LTPA tokens are not adequately deleted after the use of the iNotes Logoff button. This oversight can leave users vulnerable, allowing nearby attackers to potentially access sensitive information via an unattended client due to a mismatch in cookie domains.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/42703
third-party-advisoryx_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg27020327
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ74393
vendor-advisoryx_refsource_AIXAPAR

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.