Vulnerability Description
IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Connections | 3.0 |
| Ibm | Websphere Application Server | 7.0.0.11 |
Related Weaknesses (CWE)
References
- http://osvdb.org/70931
- http://secunia.com/advisories/43298Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK54565
- http://www.ibm.com/support/docview.wss?uid=swg21462435
- http://www.vupen.com/english/advisories/2011/0382
- http://osvdb.org/70931
- http://secunia.com/advisories/43298Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1PK54565
- http://www.ibm.com/support/docview.wss?uid=swg21462435
- http://www.vupen.com/english/advisories/2011/0382
FAQ
What is CVE-2011-1032?
CVE-2011-1032 is a vulnerability with a CVSS score of 6.8 (MEDIUM). IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors.
How severe is CVE-2011-1032?
CVE-2011-1032 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1032?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Connections, Ibm Websphere Application Server.