CVE-2011-1032

critical

Description

IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors.

References

http://www.vupen.com/english/advisories/2011/0382

http://www.ibm.com/support/docview.wss?uid=swg21462435

http://www-01.ibm.com/support/docview.wss?uid=swg1PK54565

http://secunia.com/advisories/43298

http://osvdb.org/70931

Details

Source: Mitre, NVD

Published: 2011-02-15

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00415