Описание
Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a password stored in the msnvs\prc registry value, for which all users have Read permission, which allows local users to bypass the product's blocking functionality by decrypting the password.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:comvigo:im_lock:home_2006:*:*:*:*:*:*:*
cpe:2.3:a:comvigo:im_lock:professional_2006:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.0006
Низкий
3.7 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Comvigo IM Lock 2006 uses a simple substitution cipher to encrypt a password stored in the msnvs\prc registry value, for which all users have Read permission, which allows local users to bypass the product's blocking functionality by decrypting the password.
EPSS
Процентиль: 19%
0.0006
Низкий
3.7 Low
CVSS2
Дефекты
NVD-CWE-Other