Lucene search

MitreCVE-2004-0838

HistoryFeb 25, 2005 - 5:00 a.m.

CVE-2004-0838

2005-02-2505:00:00

mitre

web.nvd.nist.gov

cve-2004-0838

lexar

safe guard

jumpdrive

xor encryption

password security

vulnerability

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive.

Affected configurations

Nvd

Node

lexarjumpdrive_secure

VendorProductVersionCPE
lexarjumpdrive_secure*cpe:2.3:h:lexar:jumpdrive_secure:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lexar	jumpdrive_secure	*	cpe:2.3:h:lexar:jumpdrive_secure::::::::

References

secunia.com/advisories/12522

www.atstake.com/research/advisories/2004/a091304-1.txt

www.securityfocus.com/bid/11162

exchange.xforce.ibmcloud.com/vulnerabilities/17342

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2004-0838