HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the LDAP service. Fixes are available in HCL Domino versions 9.0.1 FP10 IF6, 10.0.1 FP6 and 11.0.1 FP1 and later.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Hcl_domino | Hcltech | * | 9.0.1 (excluding) |
Hcl_domino | Hcltech | 10.0.0 (including) | 10.0.1 (excluding) |
Hcl_domino | Hcltech | 11.0.0 (including) | 11.0.1 (excluding) |
Hcl_domino | Hcltech | 9.0.1-feature_pack_10_interim_fix_2 (including) | 9.0.1-feature_pack_10_interim_fix_2 (including) |
Hcl_domino | Hcltech | 9.0.1-feature_pack_10_interim_fix_3 (including) | 9.0.1-feature_pack_10_interim_fix_3 (including) |
Hcl_domino | Hcltech | 9.0.1-feature_pack_10_interim_fix_4 (including) | 9.0.1-feature_pack_10_interim_fix_4 (including) |
Hcl_domino | Hcltech | 9.0.1-feature_pack_10_interim_fix_5 (including) | 9.0.1-feature_pack_10_interim_fix_5 (including) |
Hcl_domino | Hcltech | 10.0.1-fixpack1 (including) | 10.0.1-fixpack1 (including) |
Hcl_domino | Hcltech | 10.0.1-fixpack2 (including) | 10.0.1-fixpack2 (including) |
Hcl_domino | Hcltech | 10.0.1-fixpack3 (including) | 10.0.1-fixpack3 (including) |
Hcl_domino | Hcltech | 10.0.1-fixpack4 (including) | 10.0.1-fixpack4 (including) |
Hcl_domino | Hcltech | 10.0.1-fixpack5 (including) | 10.0.1-fixpack5 (including) |