Lucene search

K
cve[email protected]CVE-2001-1005
HistoryFeb 02, 2002 - 5:00 a.m.

CVE-2001-1005

2002-02-0205:00:00
web.nvd.nist.gov
32
cve-2001-1005
starfish truesync desktop
weak encryption
rex 5000 pda
registry key access.

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.4%

Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the password and gain privileges.

Affected configurations

NVD
Node
starfishtruesync_desktopMatch2.0b

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.4%

Related for CVE-2001-1005