Vulnerabilities > CVE-2014-4861 - Credentials Management vulnerability in Thycotic Secret Server 8.6.000000/8.6.000009

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
thycotic
CWE-255

Summary

The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended.

Vulnerable Configurations

Part Description Count
Application
Thycotic
2

Common Weakness Enumeration (CWE)