Vulnerability Description
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
References
- http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0112.html
- http://www.securityfocus.com/bid/1198
- http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0112.html
- http://www.securityfocus.com/bid/1198
FAQ
What is CVE-2000-0420?
CVE-2000-0420 is a vulnerability with a CVSS score of 7.2 (HIGH). The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
How severe is CVE-2000-0420?
CVE-2000-0420 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0420?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000.