CVE-2011-1370
First published: Sat Oct 29 2011(Updated: )
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Sametime | =8.0.1 | |
| IBM Lotus Sametime | =8.5 | |
| IBM Lotus Sametime | =8.0 | |
| IBM Lotus Sametime | =8.0.2 | |
| IBM Lotus Sametime | =7.5.1 | |
| IBM Lotus Sametime | =7.5.0.1 | |
| IBM Lotus Sametime | =7.5.1.1 | |
| IBM Lotus Sametime | =8.5.2 | |
| IBM Lotus Sametime | =7.5.1.2 | |
| IBM Lotus Sametime | =7.0 | |
| IBM Lotus Sametime | =8.5.1 | |
| IBM Lotus Sametime | =7.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm lotus sametime
- version/ibm lotus sametime/8.0.1
- version/ibm lotus sametime/8.5
- version/ibm lotus sametime/8.0
- version/ibm lotus sametime/8.0.2
- version/ibm lotus sametime/7.5.1
- version/ibm lotus sametime/7.5.0.1
- version/ibm lotus sametime/7.5.1.1
- version/ibm lotus sametime/8.5.2
- version/ibm lotus sametime/7.5.1.2
- version/ibm lotus sametime/7.0
- version/ibm lotus sametime/8.5.1
- version/ibm lotus sametime/7.5