IBM Lotus Domino Remote Console improper authentication

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in IBM Lotus Domino (Groupware Software) (version unknown). It has been classified as very critical. Affected is an unknown code of the component Remote Console. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field03/15/2017 12:47 PM10/14/2021 01:28 AM10/14/2021 01:36 AM
typeGroupware SoftwareGroupware SoftwareGroupware Software
vendorIBMIBMIBM
nameLotus DominoLotus DominoLotus Domino
componentRemote ConsoleRemote ConsoleRemote Console
cwe287 (weak authentication)287 (weak authentication)287 (weak authentication)
risk222
cvss2_vuldb_basescore9.39.39.3
cvss2_vuldb_tempscore9.39.39.3
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss3_meta_basescore10.010.010.0
cvss3_meta_tempscore10.010.010.0
cvss3_vuldb_basescore10.010.010.0
cvss3_vuldb_tempscore10.010.010.0
date1297123200 (02/08/2011)1297123200 (02/08/2011)1297123200 (02/08/2011)
urlhttp://www-01.ibm.com/support/docview.wss?uid=swg21461514http://www-01.ibm.com/support/docview.wss?uid=swg21461514http://www-01.ibm.com/support/docview.wss?uid=swg21461514
price_0day$25k-$100k$5k-$25k$5k-$25k
price_trend+++
cveCVE-2011-0920CVE-2011-0920CVE-2011-0920
cve_nvd_published129712320012971232001297123200
cve_nvd_summaryThe Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS.The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS.The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS.
securityfocus463614636146361
securityfocus_titleIBM Lotus Domino Remote Console Security Bypass VulnerabilityIBM Lotus Domino Remote Console Security Bypass VulnerabilityIBM Lotus Domino Remote Console Security Bypass Vulnerability
vulnerabilitycenter297642976429764
vulnerabilitycenter_titleIBM Lotus Domino Remote Console Remote Authentication Bypass and Code Execution VulnerabilitiesIBM Lotus Domino Remote Console Remote Authentication Bypass and Code Execution VulnerabilitiesIBM Lotus Domino Remote Console Remote Authentication Bypass and Code Execution Vulnerabilities
vulnerabilitycenter_severityHighHighHigh
vulnerabilitycenter_creationdate129772800012977280001297728000
vulnerabilitycenter_lastupdate139190400013919040001391904000
vulnerabilitycenter_reportingdate129738240012973824001297382400
nessus_id662396623966239
nessus_nameIBM Lotus Domino 8.5.x < 8.5.3 Multiple VulnerabilitiesIBM Lotus Domino 8.5.x < 8.5.3 Multiple VulnerabilitiesIBM Lotus Domino 8.5.x < 8.5.3 Multiple Vulnerabilities
nessus_filenamedomino_8_5_3.nasldomino_8_5_3.nasldomino_8_5_3.nasl
nessus_familyWeb ServersWeb ServersWeb Servers
openvas_id902419902419902419
openvas_filenamesecpod_ibm_lotus_domino_mult_vuln.naslsecpod_ibm_lotus_domino_mult_vuln.naslsecpod_ibm_lotus_domino_mult_vuln.nasl
openvas_titleIBM Lotus Domino Multiple Remote Buffer Overflow VulnerabilitiesIBM Lotus Domino Multiple Remote Buffer Overflow VulnerabilitiesIBM Lotus Domino Multiple Remote Buffer Overflow Vulnerabilities
openvas_familyBuffer overflowBuffer overflowBuffer overflow
qualys_id370379370379370379
qualys_titleIBM Lotus Notes and Domino Multiple Buffer Overflow Vulnerabilities (swg21461514)IBM Lotus Notes and Domino Multiple Buffer Overflow Vulnerabilities (swg21461514)IBM Lotus Notes and Domino Multiple Buffer Overflow Vulnerabilities (swg21461514)
seealso4288 56379 56378 56377 56376 56375 585644288 56379 56378 56377 56376 56375 585644288 56379 56378 56377 56376 56375 58564
cvss3_vuldb_acLLL
cvss3_vuldb_uiNNN
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
cvss3_vuldb_avNNN
cvss3_vuldb_prNNN
cvss3_vuldb_sCCC
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
cvss2_nvd_avNNN
cvss2_nvd_acMMM
cvss2_nvd_auNNN
cvss2_nvd_ciCCC
cvss2_nvd_iiCCC
cvss2_nvd_aiCCC
securityfocus_date1297382400 (02/11/2011)1297382400 (02/11/2011)1297382400 (02/11/2011)
securityfocus_classUnknownUnknownUnknown
confirm_urlhttp://www-01.ibm.com/support/docview.wss?uid=swg21461514http://www-01.ibm.com/support/docview.wss?uid=swg21461514
cve_assigned12971196001297119600
cvss2_nvd_basescore9.39.3
nessus_riskCritical
exploitdb16190

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!