CVE-2011-1519
published 2011-03-25CVE-2011-1519: The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by…
critical10CVSS 3.1
AVNACLAuNCCICAC
EXPLOIT
The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote attackers to bypass authentication, and consequently execute arbitrary code, by placing this pathname in the COOKIEFILE field. NOTE: this might overlap CVE-2011-0920.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |
| ibm | lotus_domino | — | — |