Security Vulnerability in WAS 7.0.11 Lotus Connections 3.0

Lotus Connections 3.0 runs on Websphere Application Server (WAS) 7.0.11, Technote 1462435 details a security vulnerability found in WAS 7.0.11.

“After installing fixpack 7.0.0.11 for WebSphere Application Server, an application may be able to invoke an internal login module in an incorrect fashion.
This only applies to an application internal login, and does not apply to a client login.”

The recommendation is to contact support and request Hotfix hotfix 7.0.0.11-WS-WAS-IFPK54565.

This is not listed as a critical vulnerability, but if you are starting a new install, or planning an upgrade might be worthwhile to get this fix on the system up front.

Security vulnerability in Lotus Connections login module

One Response to Security Vulnerability in WAS 7.0.11 Lotus Connections 3.0
  1. […] This post was mentioned on Twitter by Mitch Cohen, SandraCH. SandraCH said: RT @curiousmitch: New Blog Post: Security Vulnerability in WAS 7.0.11 Lotus Connections 3.0 http://curious.li/e404ON […]