Lucene search

[email protected]CVE-2005-0346

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0346

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0346

safenet

softremote

vpn

client

cleartext

memory

vulnerability

nvd

7.1 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process.

CPENameOperatorVersion
safenet:softremote_vpn_clientsafenet softremote vpn clienteq*

CPE	Name	Operator	Version
safenet:softremote_vpn_client	safenet softremote vpn client	eq	*

References

marc.info/?l=bugtraq&m=110791865522076&w=2

securitytracker.com/id?1013134

www.nta-monitor.com/news/vpn-flaws/safenet/index.htm

exchange.xforce.ibmcloud.com/vulnerabilities/19256

7.1 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON