Unrated severityNVD Advisory· Published Jun 15, 2010· Updated Jun 16, 2026
CVE-2010-2278
CVE-2010-2278
Description
The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x before 2.5.0.2 does not properly follow the "force SSL" setting, which might make it easier for remote attackers to obtain the cleartext of network communication by sniffing the network, or spoof arbitrary servers via a man-in-the-middle attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:ibm:lotus_connections:2.5.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:lotus_connections:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_connections:2.5.0.1:*:*:*:*:*:*:*
- (no CPE)range: >=2.5, <=2.5.0.2
Patches
Vulnerability mechanics
References
9- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- secunia.com/advisories/40007nvdVendor Advisory
- www.vupen.com/english/advisories/2010/1281nvdVendor Advisory
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
News mentions
0No linked articles in our index yet.