cbcvebase.
CVE-2005-2696
published 2005-08-26

CVE-2005-2696: IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive…

PriorityP424medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
2.23%
80.6th percentile
IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) "PasswordDigest" and "HTTPPassword" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428.

Affected

8 ranges
VendorProductVersion rangeFixed in
ibmlotus_domino
ibmlotus_domino
ibmlotus_domino
ibmlotus_notes
ibmlotus_notes
ibmlotus_notes
ibmlotus_notes
ibmlotus_notes
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.