Vulnerability Details CVE-2004-2049
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.9%
CVSS Severity
CVSS v2 Score 4.6
References
- http://marc.info/?l=bugtraq&m=109068491801021&w=2
- http://secunia.com/advisories/12154
- http://securitytracker.com/id?1010770
- http://www.osvdb.org/8247
- http://www.securityfocus.com/bid/10794
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16795
- http://marc.info/?l=bugtraq&m=109068491801021&w=2
- http://secunia.com/advisories/12154
- http://securitytracker.com/id?1010770
- http://www.osvdb.org/8247
- http://www.securityfocus.com/bid/10794
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16795
Products affected by CVE-2004-2049
-
cpe:2.3:h:esesix:thintune_extreme:2.4.38
-
cpe:2.3:h:esesix:thintune_l:2.4.38
-
cpe:2.3:h:esesix:thintune_m:2.4.38
-
cpe:2.3:h:esesix:thintune_mobile:2.4.38
-
cpe:2.3:h:esesix:thintune_s:2.4.38
-
cpe:2.3:h:esesix:thintune_xm:2.4.38
-
cpe:2.3:h:esesix:thintune_xs:2.4.38