Ibm: >> Lotus Domino >> 8.5.3 Security Vulnerabilities
The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote attackers to bypass authentication, and consequently execute arbitrary code, by placing this pathname in the COOKIEFILE field. NOTE: this might overlap CVE-2011-0920.
CVSS Score
10.0
EPSS Score
0.115
Published
2011-03-25