Vulnerability Description
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Esesix | Thintune Extreme | 2.4.38 |
| Esesix | Thintune L | 2.4.38 |
| Esesix | Thintune M | 2.4.38 |
| Esesix | Thintune Mobile | 2.4.38 |
| Esesix | Thintune S | 2.4.38 |
| Esesix | Thintune Xm | 2.4.38 |
| Esesix | Thintune Xs | 2.4.38 |
References
- http://marc.info/?l=bugtraq&m=109068491801021&w=2
- http://secunia.com/advisories/12154
- http://securitytracker.com/id?1010770
- http://www.osvdb.org/8247
- http://www.securityfocus.com/bid/10794
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16795
- http://marc.info/?l=bugtraq&m=109068491801021&w=2
- http://secunia.com/advisories/12154
- http://securitytracker.com/id?1010770
- http://www.osvdb.org/8247
- http://www.securityfocus.com/bid/10794
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16795
FAQ
What is CVE-2004-2049?
CVE-2004-2049 is a vulnerability with a CVSS score of 4.6 (MEDIUM). eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain acce...
How severe is CVE-2004-2049?
CVE-2004-2049 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2049?
Check the references section above for vendor advisories and patch information. Affected products include: Esesix Thintune Extreme, Esesix Thintune L, Esesix Thintune M, Esesix Thintune Mobile, Esesix Thintune S.