CVE-2011-1370
N/A
N/A
Summary
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70923
- http://www-01.ibm.com/support/docview.wss?uid=swg21569452
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/70923
- http://www-01.ibm.com/support/docview.wss?uid=swg21569452
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.