CVE-2023-37495

CVE-2023-37495 involves HCL Domino. The vulnerability arises from using a cryptographically weak hash algorithm to secure internet passwords stored in Person documents in the Domino Directory when created via the Add Person action on the People & Groups tab. The issue could allow an attacker with...

CVE-2023-37495 HCL Domino is susceptible to a weak cryptography vulnerability

Internet passwords stored in Person documents in the Domino® Directory created using the "Add Person" action on the People & Groups tab in the Domino® Administrator are secured using a cryptographically weak hash algorithm. This could enable attackers with access to the hashed value to determine ...

Nmap NSE net: http-domino-enum-passwords

Attempts to enumerate the hashed Domino Internet Passwords that are by default accessible by all authenticated users. This script can also download any Domino ID Files attached to the Person document. SYNTAX: domino-enum-passwords.idpath: the path where downloaded ID files should be saved If not...

http-domino-enum-passwords NSE Script

Attempts to enumerate the hashed Domino Internet Passwords that are by default accessible by all authenticated users. This script can also download any Domino ID Files attached to the Person document. Passwords are presented in a form suitable for running in John the Ripper. The passwords may be...