Access Restriction Flaw in IBM Lotus Connections and WebSphere Application Server
CVE-2011-1032

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Connections
Vendor: CVE Published:; 15 February 2011

Summary

IBM Lotus Connections 3.0, when operating in conjunction with IBM WebSphere Application Server version 7.0.0.11, is affected by an access control vulnerability. This flaw allows unauthorized users to gain access to the internal login module, potentially leading to unauthorized actions within the application. As a result, sensitive information and functionalities may be exposed to malicious actors, posing a significant security risk that needs to be addressed promptly.

References

http://www.ibm.com/support/docview.wss?uid=swg21462435

x_refsource_CONFIRM

http://osvdb.org/70931

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2011/0382

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Feb 15, 2011
Vulnerability Reserved
Feb 14, 2011