CVE-2011-1519
CRITICAL
10.0
CVSS Severity Score
Vulnerability Description
The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote attackers to bypass authentication, and consequently execute arbitrary code, by placing this pathname in the COOKIEFILE field. NOTE: this might overlap CVE-2011-0920.
Affected Platforms (CPE)
📦
Ibm
Lotus Domino
= 7.0📦
Ibm
Lotus Domino
= 7.0.1📦
Ibm
Lotus Domino
= 7.0.1.1📦
Ibm
Lotus Domino
= 7.0.2📦
Ibm
Lotus Domino
= 7.0.2.1📦
Ibm
Lotus Domino
= 7.0.2.2📦
Ibm
Lotus Domino
= 7.0.2.3📦
Ibm
Lotus Domino
= 7.0.3📦
Ibm
Lotus Domino
= 7.0.3.1📦
Ibm
Lotus Domino
= 7.0.4📦
Ibm
Lotus Domino
= 7.0.4.1📦
Ibm
Lotus Domino
= 7.0.4.2📦
Ibm
Lotus Domino
= 8.0📦
Ibm
Lotus Domino
= 8.0.1📦
Ibm
Lotus Domino
= 8.0.2📦
Ibm
Lotus Domino
= 8.0.2.1📦
Ibm
Lotus Domino
= 8.0.2.2📦
Ibm
Lotus Domino
= 8.0.2.3📦
Ibm
Lotus Domino
= 8.0.2.4📦
Ibm
Lotus Domino
= 8.0.2.5📦
Ibm
Lotus Domino
= 8.0.2.6📦
Ibm
Lotus Domino
= 8.5.0📦
Ibm
Lotus Domino
= 8.5.0.1📦
Ibm
Lotus Domino
= 8.5.1📦
Ibm
Lotus Domino
= 8.5.1.1📦
Ibm
Lotus Domino
= 8.5.1.2📦
Ibm
Lotus Domino
= 8.5.1.3📦
Ibm
Lotus Domino
= 8.5.1.4📦
Ibm
Lotus Domino
= 8.5.1.5📦
Ibm
Lotus Domino
= 8.5.2📦
Ibm
Lotus Domino
= 8.5.2.1📦
Ibm
Lotus Domino
= 8.5.2.2📦
Ibm