The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices.
Score: 1.5
Priority: P4 - Informational (Low)
Score: 0.00406
Percentile:
0.60264
CVSS v2 Score: 4.0
Severity: