Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) "PasswordDigest" and "HTTPPassword" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Lotus Notes 敏感信息泄露漏洞
Vulnerability Description
IBM Lotus Notes不能正确地限制对Notes Address Book(NAB)中密码hash的访问。这使得远程攻击者可以借助于(1)Lotus Notes客户端中的Administration选项卡中的密码挖掘字段 (2)NAB中的文件属性中的 "PasswordDigest" 和"HTTPPassword" 字段,或(3)对Domino LDAP服务器的直接请求获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A