Vulnerabilities > CVE-2000-0487 - Unspecified vulnerability in Microsoft Windows 2000

CVSS 3.6 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

microsoft

NVD

Published: 2000-06-01

Updated: 2018-10-12

Summary

The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 2000 *	1

References

http://www.securityfocus.com/bid/1295
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-032