Authentication Bypass Vulnerability in IBM Domino
CVE-2016-0304
8.1 HIGH
Summary
The Java Console in IBM Domino versions prior to 8.5.3 FP6 IF13 and 9.0.1 FP6 is vulnerable when certain unsupported configurations involving UNC share pathnames are used. The flaw lets remote attackers bypass authentication, potentially leading to arbitrary code execution. It stems from an incomplete fix for a previously identified vulnerability, which heightens the risk of exploitation.
CVSS V3.1
Score: 8.1
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved