Vulnerabilities > CVE-2004-1709 - Local Security vulnerability in Rainbow Ikey2032 Usb Token

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

datakey

NVD

Published: 2004-08-04

Updated: 2017-07-11

Summary

Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users.

Vulnerable Configurations

Part	Description	Count
Hardware	Datakey Datakey Rainbow Ikey2032 USB Token *	1

References

http://marc.info/?l=bugtraq&m=109164096013467&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/16887