CVE-2004-1852

EPSS 0.26%
Veröffentlicht 23.03.2004 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Solarwinds ≫ Dameware Mini Remote Control Version >= 3.0 < 3.74

Solarwinds ≫ Dameware Mini Remote Control Version >= 4.0 < 4.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.26%	0.463

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

http://marc.info/?l=bugtraq&m=108016344224973&w=2

Third Party Advisory

Mailing List

http://secunia.com/advisories/11205

Patch

Vendor Advisory

Broken Link

http://securitytracker.com/id?1009557

Third Party Advisory

Vendor Advisory

Broken Link

VDB Entry

http://www.dameware.com/support/security/bulletin.asp?ID=SB3

Vendor Advisory

Product

http://www.osvdb.org/4547

Vendor Advisory

Broken Link

http://www.securityfocus.com/bid/9959

Patch

Third Party Advisory

Vendor Advisory

Broken Link

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/15586

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2004-1852

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1852

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1852

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2004-1852