IT Baseline Protection Manual T 3.47 Error in the configuration of browser access to Lotus Notes
Web access to a Notes server is implemented with two different mechanisms, which differ in the protocol used, the authentication mechanisms available and the way access control is handled. As a result, particularly when Web access to the Notes server is first introduced, incorrect configuration settings can grant a given Web user more extensive privileges than are intended. Typical causes are as follows:
The Web authentication mechanism is too weak. Generally this is due to a combination of problems:
If a user name and password are used for authentication, but the authentication data is not protected with SSL, it is possible for the Internet password to be intercepted.
SSL client certificates are used, but the client computer is inadequately protected (e.g. no password on the certificate database). In this case there is a danger that the client certificates could be used by unauthorised third parties without the certificate owner being aware of this.
If the "anonymous access" option is enabled, this can, in combination with poorly configured access control lists (e.g. no "Anonymous" entry while the "-Default-" entry grants "Manager" privileges), result in unauthorised access to databases.
The database does not enforce SSL-protected access. Although a database contains sensitive data which should only be transmitted in protected form, the database configuration does not enforce the use of an SSL connection. As a result the data may be transmitted unprotected if SSL is not enforced on the server or the server configuration is later amended.
Inadequate authorisation restrictions. Additional authorisation restrictions can be configured on servers and databases for Web access. If these are not applied consistently, it may be possible, for example, to access databases, forms or agents directly by entering their URL.
The problem areas listed are examples of possible threats to a Notes system resulting from incorrect configuration of the Web interface.
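As an added illustration (not part of the manual, and not using the Domino API), the following Python snippet audits constructed server and database settings for the first three causes listed above: it models the ACL fallback from the "Anonymous" entry to "-Default-" for unauthenticated Web users, and flags name/password authentication without SSL and sensitive databases that do not enforce SSL. The data classes, field names and sample values are assumptions made for the example.

```python
from dataclasses import dataclass

# Notes ACL access levels in ascending order of privilege.
LEVELS = ["No Access", "Depositor", "Reader", "Author", "Editor", "Designer", "Manager"]

@dataclass
class DbConfig:                # assumed model of a database's Web-relevant settings
    name: str
    acl: dict                  # ACL entry name -> access level, e.g. {"-Default-": "Manager"}
    sensitive: bool            # holds data that must only travel over SSL
    require_ssl: bool          # database property "require SSL connection"

@dataclass
class ServerConfig:            # assumed model of the server document's Web settings
    anonymous_http: bool       # anonymous Web access allowed
    auth_only_over_ssl: bool   # name/password authentication offered only over SSL

def effective_anonymous_level(acl):
    """Access an unauthenticated Web user gets: the "Anonymous" entry if
    present, otherwise the "-Default-" entry (the ACL fallback rule)."""
    return acl.get("Anonymous", acl.get("-Default-", "No Access"))

def audit(server, databases, max_anonymous="Reader"):
    """Return (object, problem) pairs for the misconfigurations described above."""
    findings = []
    if not server.auth_only_over_ssl:
        findings.append(("server", "name/password authentication accepted without SSL"))
    for db in databases:
        if server.anonymous_http:
            level = effective_anonymous_level(db.acl)
            if LEVELS.index(level) > LEVELS.index(max_anonymous):
                via = "Anonymous" if "Anonymous" in db.acl else "-Default-"
                findings.append((db.name, f"anonymous Web users get {level} via the {via} entry"))
        if db.sensitive and not db.require_ssl:
            findings.append((db.name, "sensitive database does not enforce SSL"))
    return findings

# Constructed sample configuration (not taken from a real server).
SERVER = ServerConfig(anonymous_http=True, auth_only_over_ssl=False)
DATABASES = [
    DbConfig("names.nsf", {"-Default-": "Manager"}, sensitive=True, require_ssl=False),
    DbConfig("help.nsf", {"Anonymous": "Reader", "-Default-": "Author"}, sensitive=False, require_ssl=False),
    DbConfig("hr.nsf", {"Anonymous": "No Access", "-Default-": "Reader"}, sensitive=True, require_ssl=True),
]

if __name__ == "__main__":
    for obj, problem in audit(SERVER, DATABASES):
        print(f"{obj}: {problem}")
```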