Lucene search

[email protected]CVE-2004-1709

HistoryAug 04, 2004 - 4:00 a.m.

CVE-2004-1709

2004-08-0404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

security

usb token

encryption

cip client package

data protection

vulnerability

nvd

cve-2004-1709

7.1 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users.

CPENameOperatorVersion
datakey:rainbow_ikey2032_usb_tokendatakey rainbow ikey2032 usb tokeneq*

CPE	Name	Operator	Version
datakey:rainbow_ikey2032_usb_token	datakey rainbow ikey2032 usb token	eq	*

References

marc.info/?l=bugtraq&m=109164096013467&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/16887

7.1 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON