PT-2007-6688 · IBM · IBM Lotus Domino

Published 2007-10-29 · Updated 2017-07-29 · CVE-2007-5701

CVSS v2.0: 2.1 (Low)

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

IBM Lotus Domino versions prior to 7.0.3

Description

The issue allows local users or attackers with physical access to obtain sensitive information, such as passwords, when an administrator enters a command with any uppercase character. This results in cleartext password disclosure in the console log and Admin panel due to an incomplete blacklist vulnerability in the Certificate Authority (CA).

Recommendations

For versions prior to 7.0.3, update to version 7.0.3 or later to resolve the issue. As a temporary workaround, consider avoiding the use of uppercase characters when entering "ca activate" or "ca unlock" commands to minimize the risk of password disclosure. Restrict physical access to the system and limit local user privileges to reduce the potential for exploitation.
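
The incomplete-blacklist pattern described above, as an added illustration that is not IBM's code: a case-sensitive log-masking filter beside a case-insensitive one, plus a check that audits existing console logs for unmasked arguments. The function names, the mask string and the sample lines (including the argument layout and password) are constructed assumptions; only the "ca activate" and "ca unlock" command names come from this entry.

```python
import re

SENSITIVE = ("ca activate", "ca unlock")  # command names taken from the advisory
MASK = "********"                         # assumed mask string

def redact_flawed(line: str) -> str:
    """Hypothetical flawed filter: exact, case-sensitive match on the command."""
    for cmd in SENSITIVE:
        idx = line.find(cmd)
        if idx != -1:
            return line[: idx + len(cmd)] + " " + MASK
    return line  # "ca Activate ..." falls through and is logged verbatim

# Hardened form: case-insensitive and tolerant of extra whitespace.
_PATTERN = re.compile(r"(\bca\s+(?:activate|unlock)\b)(\s+\S.*)?", re.IGNORECASE)

def redact_hardened(line: str) -> str:
    """Mask everything after the command keyword, whatever its letter case."""
    return _PATTERN.sub(
        lambda m: m.group(1) + (" " + MASK if m.group(2) else ""), line
    )

def find_leaks(log_lines):
    """Audit a log: 1-based numbers of lines whose arguments survive unmasked."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = _PATTERN.search(line)
        if m and m.group(2) and m.group(2).strip() != MASK:
            hits.append(n)
    return hits

# Constructed console lines; argument layout and password are made up.
SAMPLE = [
    "ca activate 1 Example-Passw0rd",
    "ca Activate 1 Example-Passw0rd",
    "CA UNLOCK Example-Passw0rd",
    "show server",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(f"{redact_flawed(line)!r:40} {redact_hardened(line)!r}")
    print("leaking lines:", find_leaks([redact_flawed(l) for l in SAMPLE]))
```

Running `find_leaks` over archived console logs from before the upgrade to 7.0.3 identifies lines whose passwords should be treated as exposed and rotated.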

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

CVE-2007-5701

Affected Products

IBM Lotus Domino