CVE-2011-1519
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote attackers to bypass authentication, and consequently execute arbitrary code, by placing this pathname in the COOKIEFILE field. NOTE: this might overlap CVE-2011-0920.
Affected Platforms (CPE)
π¦
Ibm
Lotus Domino
= 7.0π¦
Ibm
Lotus Domino
= 7.0.1π¦
Ibm
Lotus Domino
= 7.0.1.1π¦
Ibm
Lotus Domino
= 7.0.2π¦
Ibm
Lotus Domino
= 7.0.2.1π¦
Ibm
Lotus Domino
= 7.0.2.2π¦
Ibm
Lotus Domino
= 7.0.2.3π¦
Ibm
Lotus Domino
= 7.0.3π¦
Ibm
Lotus Domino
= 7.0.3.1π¦
Ibm
Lotus Domino
= 7.0.4π¦
Ibm
Lotus Domino
= 7.0.4.1π¦
Ibm
Lotus Domino
= 7.0.4.2π¦
Ibm
Lotus Domino
= 8.0π¦
Ibm
Lotus Domino
= 8.0.1π¦
Ibm
Lotus Domino
= 8.0.2π¦
Ibm
Lotus Domino
= 8.0.2.1π¦
Ibm
Lotus Domino
= 8.0.2.2π¦
Ibm
Lotus Domino
= 8.0.2.3π¦
Ibm
Lotus Domino
= 8.0.2.4π¦
Ibm
Lotus Domino
= 8.0.2.5π¦
Ibm
Lotus Domino
= 8.0.2.6π¦
Ibm
Lotus Domino
= 8.5.0π¦
Ibm
Lotus Domino
= 8.5.0.1π¦
Ibm
Lotus Domino
= 8.5.1π¦
Ibm
Lotus Domino
= 8.5.1.1π¦
Ibm
Lotus Domino
= 8.5.1.2π¦
Ibm
Lotus Domino
= 8.5.1.3π¦
Ibm
Lotus Domino
= 8.5.1.4π¦
Ibm
Lotus Domino
= 8.5.1.5π¦
Ibm
Lotus Domino
= 8.5.2π¦
Ibm
Lotus Domino
= 8.5.2.1π¦
Ibm
Lotus Domino
= 8.5.2.2π¦
Ibm