IBM Lotus Sametime Configuration Servlet Lets Remote Users Obtain Configuration Data.
All Sametime Platforms : 7.0, 7.5, 7.5.1, 184.108.40.206, 220.127.116.11, 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 18.104.22.168, 8.5.2
A remote user can obtain configuration information.
The Sametime server contains a configuration servlet that is accessed by several Sametime server processes. By default, this servlet does not require authentication, which could potentially allow an unauthorized user to obtain read access to configuration data. Administrators are advised to protect this servlet by configuring Sametime to require authentication to this servlet.
A remote user can obtain configuration information. Configuration servlet.