The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information.
References
Configurations
History
20 Nov 2024, 23:52
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=108127948610311&w=2 - | |
References | () http://secunia.com/advisories/11293 - Patch | |
References | () http://securitytracker.com/id?1009659 - | |
References | () http://support.citrix.com/kb/entry.jspa?entryID=4062&categoryID=256 - Patch, Vendor Advisory | |
References | () http://www.osvdb.org/4942 - | |
References | () http://www.securityfocus.com/bid/10049 - Patch | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/15737 - |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:52
NVD link : CVE-2004-1902
Mitre link : CVE-2004-1902
CVE.ORG link : CVE-2004-1902
JSON object : View
Products Affected
citrix
- metaframe_password_manager
CWE