Authentication bypass vulnerability in COOKIEFILE field in Server Controller in IBM Lotus Domino 7.x and 8.xID: oval:org.secpod.oval:def:599 | Date: (C)2011-04-01 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with IBM Lotus Domino and is prone to authentication bypass vulnerability. A flaw is present in the Server Controller authentication mechanism, which accepts UNC share pathnames in the COOKIEFILE field which retrieves stored credentials. Successful exploitation could allow remote attackers to bypass authentication.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |