CVE-2013-0522

HIGH

IBM Notes 8.0-9.0 - Unauthorized Password Exposure via Single Logon Feature

Title source: llm
STIX 2.1

Description

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531.

References (2)

Core 2
Core References
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/82531

Scores

CVSS v3 7.0
EPSS 0.0027
EPSS Percentile 19.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-200
Status published
Products (8)
ibm/lotus_notes 8.0
ibm/lotus_notes 8.0.1
ibm/lotus_notes 8.0.2
ibm/lotus_notes 8.5
ibm/lotus_notes 8.5.1
ibm/lotus_notes 8.5.2
ibm/lotus_notes 8.5.3
ibm/lotus_notes 9.0
Published Jul 16, 2018
Tracked Since Feb 18, 2026