CVE-2007-4309IBM Lotus Notes vulnerability

3 documents3 sources
Severity
3.5LOWNVD
CNA5.0
EPSS
0.2%
top 53.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Notes
Timeline
PublishedAug 13
Latest updateMay 1

Description

IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDibm/lotus_notes5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-c865-g6gw-3hjp: IBM Lotus Notes 52022-05-01
CVEList
CVE-2007-4309: IBM Lotus Notes 52007-08-13
CVE-2007-4309 — IBM Lotus Notes vulnerability | cvebase