Vulnerabilities > CVE-2007-4309 - Remote Security vulnerability in Lotus Notes
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE network
ibm
Summary
IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |