CVE-2014-8921

IBM Notes Traveler Companion <1.1 - Info Disclosure

Title source: llm
STIX 2.1

Description

The IBM Notes Traveler Companion application 1.0 and 1.1 before 201411010515 for Window Phone, as distributed in IBM Notes Traveler 9.0.1, does not properly restrict the number of executions of the automatic configuration option, which makes it easier for remote attackers to capture credentials by conducting a phishing attack involving an encrypted e-mail message.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21690582

Scores

EPSS 0.0179
EPSS Percentile 75.7%

Details

CWE
CWE-200
Status published
Products (2)
ibm/notes_traveler_companion 1.0
ibm/notes_traveler_companion 1.1
Published Mar 02, 2015
Tracked Since Feb 18, 2026