CVE-2006-7142

The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in executable programs for encrypted configuration files, which allows attackers to recover the keys from the configuration files and decrypt the disk drive.
Configurations

Configuration 1 (hide)

cpe:2.3:a:utimaco:safeguard:4.30:*:*:*:*:*:*:*

History

21 Nov 2024, 00:24

Type Values Removed Values Added
References () http://www.securityfocus.com/archive/1/448598/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/448598/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/archive/1/449120/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/archive/1/449120/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securityfocus.com/bid/20529 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/20529 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.utimaco.fi/servlets/ActionDispatcher?action:ws3_content_get_binary=true&scope=domain&domain_id=www.utimaco.fi&page_id=/templates/ajankohtaisteksti.jsp?ws3_page_id=tiedoteartikkeli_103&form_id=&component_id=linkin_dokumentti_104 - Broken Link () http://www.utimaco.fi/servlets/ActionDispatcher?action:ws3_content_get_binary=true&scope=domain&domain_id=www.utimaco.fi&page_id=/templates/ajankohtaisteksti.jsp?ws3_page_id=tiedoteartikkeli_103&form_id=&component_id=linkin_dokumentti_104 - Broken Link

13 Feb 2024, 16:45

Type Values Removed Values Added
First Time Utimaco safeguard
Utimaco
CVSS v2 : 4.1
v3 : unknown
v2 : 4.1
v3 : 7.8
CPE cpe:2.3:a:utimaco_safeware:safeguard_easy:4.30:*:*:*:*:*:*:* cpe:2.3:a:utimaco:safeguard:4.30:*:*:*:*:*:*:*

Information

Published : 2007-03-07 20:19

Updated : 2024-11-21 00:24


NVD link : CVE-2006-7142

Mitre link : CVE-2006-7142

CVE.ORG link : CVE-2006-7142


JSON object : View

Products Affected

utimaco

  • safeguard
CWE
CWE-798

Use of Hard-coded Credentials