Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-1519
HistoryMar 25, 2011 - 7:55 p.m.

CVE-2011-1519

2011-03-2519:55:01
CWE-287
[email protected]
web.nvd.nist.gov
41
ibm
lotus domino
server controller
remote console
authentication bypass
cve-2011-1519
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.077 Low

EPSS

Percentile

94.2%

JSON

The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote attackers to bypass authentication, and consequently execute arbitrary code, by placing this pathname in the COOKIEFILE field. NOTE: this might overlap CVE-2011-0920.

Affected configurations

NVD
Node
ibmlotus_dominoMatch7.0
OR
ibmlotus_dominoMatch7.0.1
OR
ibmlotus_dominoMatch7.0.1.1
OR
ibmlotus_dominoMatch7.0.2
OR
ibmlotus_dominoMatch7.0.2.1
OR
ibmlotus_dominoMatch7.0.2.2
OR
ibmlotus_dominoMatch7.0.2.3
OR
ibmlotus_dominoMatch7.0.3
OR
ibmlotus_dominoMatch7.0.3.1
OR
ibmlotus_dominoMatch7.0.4
OR
ibmlotus_dominoMatch7.0.4.1
OR
ibmlotus_dominoMatch7.0.4.2
Node
ibmlotus_dominoMatch8.0
OR
ibmlotus_dominoMatch8.0.1
OR
ibmlotus_dominoMatch8.0.2
OR
ibmlotus_dominoMatch8.0.2.1
OR
ibmlotus_dominoMatch8.0.2.2
OR
ibmlotus_dominoMatch8.0.2.3
OR
ibmlotus_dominoMatch8.0.2.4
OR
ibmlotus_dominoMatch8.0.2.5
OR
ibmlotus_dominoMatch8.0.2.6
OR
ibmlotus_dominoMatch8.5.0
OR
ibmlotus_dominoMatch8.5.0.1
OR
ibmlotus_dominoMatch8.5.1
OR
ibmlotus_dominoMatch8.5.1.1
OR
ibmlotus_dominoMatch8.5.1.2
OR
ibmlotus_dominoMatch8.5.1.3
OR
ibmlotus_dominoMatch8.5.1.4
OR
ibmlotus_dominoMatch8.5.1.5
OR
ibmlotus_dominoMatch8.5.2
OR
ibmlotus_dominoMatch8.5.2.1
OR
ibmlotus_dominoMatch8.5.2.2
OR
ibmlotus_dominoMatch8.5.3

Related

prion 3
cvelist 3
nvd 3
seebug 1
packetstorm 1
openvas 2
exploitdb 1
zdi 1
cve 2
nessus 1
prion
prion
Authentication flaw
2011-03-25 19:55:00
Authentication flaw
2011-02-08 22:00:00
Authentication flaw
2016-06-29 01:59:00
cvelist
cvelist
CVE-2011-1519
2011-03-25 19:00:00
CVE-2011-0920
2022-10-03 16:15:21
CVE-2016-0304
2016-06-29 01:00:00
nvd
nvd
CVE-2011-1519
2011-03-25 19:55:01
CVE-2011-0920
2011-02-08 22:00:02
CVE-2016-0304
2016-06-29 01:59:06
seebug
seebug
IBM Lotus Domino Server Controller Authentication Bypass Vulnerability
2011-12-01 00:00:00
packetstorm
packetstorm
IBM Lotus Domino Authentication Bypass
2011-11-30 00:00:00
openvas
openvas
IBM Lotus Domino Cookie File Authentication Bypass Vulnerability
2011-05-09 00:00:00
IBM Lotus Domino Multiple Remote Buffer Overflow Vulnerabilities
2011-05-09 00:00:00
exploitdb
exploitdb
IBM Lotus Domino Server Controller - Authentication Bypass
2011-11-30 00:00:00
zdi
zdi
(0Day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability
2011-03-22 00:00:00
cve
cve
CVE-2011-0920
2022-10-03 16:15:21
CVE-2016-0304
2016-06-29 01:59:06
nessus
nessus
IBM Lotus Domino 8.5.x < 8.5.3 Multiple Vulnerabilities
2013-04-26 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.077 Low

EPSS

Percentile

94.2%

JSON
Related for CVE-2011-1519
prion3cvelist3nvd3seebug1packetstorm1openvas2exploitdb1zdi1cve2nessus1