Lotus
“After installing fixpack 7.0.0.11 for WebSphere Application Server, an application may be able to invoke an internal login module in an incorrect fashion.
This only applies to an application internal login, and does not apply to a client login.â€
The recommendation is to contact support and request Hotfix hotfix 7.0.0.11-WS-WAS-IFPK54565.
This is not listed as a critical vulnerability, but if you are starting a new install, or planning an upgrade might be worthwhile to get this fix on the system up front.
[…] This post was mentioned on Twitter by Mitch Cohen, SandraCH. SandraCH said: RT @curiousmitch: New Blog Post: Security Vulnerability in WAS 7.0.11 Lotus Connections 3.0 http://curious.li/e404ON […]