Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a "ca activate" or "ca unlock" command with any uppercase character, which bypasses a blacklist designed to suppress password logging, resulting in cleartext password disclosure in the console log and Admin panel.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Lotus Domino Certificate Authority 安全信息泄露漏洞
Vulnerability Description
IBM Lotus Domino 7.0.3版本之前的版本的Certificate Authority (CA)中存在不完整黑名单漏洞。本地用户或具有物理访问权攻击者,当一个管理员输入"ca activate" 或 "ca unlock" 具有任意uppercase字符的指令,这些指令能绕过设计来超越密码登录的黑名单,并导致控制台登录和管理组中的空文本密码泄漏,最终获得敏感信息(密码)。
CVSS Information
N/A
Vulnerability Type
N/A