漏洞类别:Local
漏洞等级: 
漏洞信息
IBM Domino (formerly IBM Lotus Domino) is an advanced platform for hosting social business applications.
There are multiple vulnerabilities in IBM SDK Java Technology Edition Version 6 SR16FP35 that affect IBM Domino.
Affected Versions
IBM Domino 9.0.1 through 9.0.1 FP8 IF3
IBM Domino 8.5.3 through 8.5.3 FP6 IF18
All 9.0.x, 9.0, 8.5.x and 8.5 releases of IBM Domino prior to those listed above
漏洞危害
A remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information.
解决方案
Refer to IBM advisory swg22000516 to obtain more information.
IBM has not issued fix yet. Workaround:
Customers who remain on the following releases may open a Service Request with IBM Support and reference SPR HYUEAHNPDZ and SPR HYUEAHQU7K for a custom hotfix
IBM Domino 9.0.1 through Domino 9.0.1 FP7
IBM Domino 9.0.0x
IBM Domino 8.5.3 through Domino 8.5.3 FP5
IBM Domino 8.5.2x
IBM Domino 8.5.1x
IBM Domino 8.5
0daybank
文章评论