Vulnerabilities > CVE-2004-1902 - Unspecified vulnerability in Citrix Metaframe Password Manager 2.0

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

citrix

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information.

Vulnerable Configurations

Part	Description	Count
Application	Citrix Citrix Metaframe Password Manager 2.0	1

References

http://marc.info/?l=bugtraq&m=108127948610311&w=2
http://secunia.com/advisories/11293
http://securitytracker.com/id?1009659
http://support.citrix.com/kb/entry.jspa?entryID=4062&categoryID=256
http://www.osvdb.org/4942
http://www.securityfocus.com/bid/10049
https://exchange.xforce.ibmcloud.com/vulnerabilities/15737