Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2007-4309
ibm
lotus notes
security
cve-2007-4309
administration
password management
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.5%
IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.
Affected configurations
Node
ibmlotus_notesMatch5.0
ORibmlotus_notesMatch6.0
ORibmlotus_notesMatch7.0
ORibmlotus_notesMatch7.0.1
ORibmlotus_notesMatch7.0.2
Related
nvd
nvd
prion
prion
Design/Logic Flaw
2007-08-13 21:17:00
cvelist
cvelist
seebug
seebug
Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit
2007-02-13 00:00:00
Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit
2014-07-01 00:00:00
Lotus Domino <= R6 Webmail Remote Password Hash Dumper Exploit
2007-02-14 00:00:00
exploitpack
exploitpack
Lotus Domino R6 Webmail - Remote Password Hash Dumper
2007-02-13 00:00:00
packetstorm
packetstorm
lotus.sh.txt
2007-02-14 00:00:00
cve
cve
CVE-2005-2428
2005-08-03 04:00:00
CVE-2005-2696
2005-08-26 15:50:00
nuclei
nuclei
Lotus Domino R5 and R6 WebMail - Information Disclosure
2020-09-09 08:11:50
securityvulns
securityvulns
Lotus Domino weak files permissions
2005-08-22 00:00:00
exploitdb
exploitdb
Lotus Domino R6 Webmail - Remote Password Hash Dumper
2007-02-13 00:00:00
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
5.9 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.5%
Related for CVE-2007-4309