1. Home
  2. CVE Database
  3. CVE-2017-16560
MEDIUM · 4.3

CVE-2017-16560

SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user ...

Vulnerability Description

SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes.

CVSS Score

4.3

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
SandiskSecureaccess3.01

Related Weaknesses (CWE)

CWE-922

References

FAQ

What is CVE-2017-16560?

CVE-2017-16560 is a vulnerability with a CVSS score of 4.3 (MEDIUM). SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user ...

How severe is CVE-2017-16560?

CVE-2017-16560 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-16560?

Check the references section above for vendor advisories and patch information. Affected products include: Sandisk Secureaccess.