The Connection Manager in IBM Lotus Mobile Connect prior to 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote malicious users to cause a denial of service (memory consumption and HTTP-AS hang) by making many connection requests that trigger "queue size delta errors," related to a "timing hole" issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm lotus mobile connect |
||
ibm lotus mobile connect 6.1.2 |
||
ibm lotus mobile connect 6.1.1.1 |
||
ibm lotus mobile connect 6.1.1 |