Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2007-5701 | First vendor Publication | 2007-10-29 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 2.1 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 3.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a "ca activate" or "ca unlock" command with any uppercase character, which bypasses a blacklist designed to suppress password logging, resulting in cleartext password disclosure in the console log and Admin panel. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5701 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 50 % | CWE-310 | Cryptographic Issues |
| 50 % | CWE-200 | Information Exposure |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 40952 | IBM Lotus Domino Certificate Authority (CA) Local Cleartext Password Disclosure |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:15:57 |
|
| 2024-11-28 12:13:53 |
|
| 2021-05-04 12:06:36 |
|
| 2021-04-22 01:07:07 |
|
| 2020-05-23 00:20:41 |
|
| 2017-07-29 12:02:38 |
|
| 2016-06-28 17:01:25 |
|
| 2016-04-26 16:45:26 |
|
| 2013-05-11 10:40:42 |
|
