IBM Lotus Domino 7.0.x prior to 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm lotus domino 7.0 |
||
ibm lotus domino 7.0.1 |
||
ibm lotus domino 7.0.2 |