This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
A remote database can be accessed without credentials.
The version of IBM Domino (formerly IBM Lotus Domino) running on the
remote host is affected by a security bypass vulnerability due to
insufficient access control list (ACL) settings on the administration
databases for ZMerge. An unauthenticated, remote attacker can exploit
this issue to disclose configuration information about the IBM Domino
server installation or possibly to gain manager level access.
See also :
Verify all of the ACLs for the available databases.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 7.5
Public Exploit Available : false