CVE-2010-4595

2010-12-22T16:00:20
ID CVE-2010-4595
Type cve
Reporter NVD
Modified 2010-12-27T13:53:43

Description

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote attackers to bypass intended access restrictions via an HTTP request that contains a disallowed User-Agent header.