Default Configuration of IBM Lotus Domino Server Console Allows Unauthorized Access

Default Configuration of IBM Lotus Domino Server Console Allows Unauthorized Access

CVE-2011-1520 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The default configuration of the server console in IBM Lotus Domino does not require a password (aka Server_Console_Password), which allows physically proximate attackers to perform administrative changes or obtain sensitive information via a (1) Load, (2) Tell, or (3) Set Configuration command.

Learn more about our Cis Benchmark Audit For Ibm I.