← Back

CVE-2018-15781

nvd nist
Published: Feb 13, 2019Modified: Nov 21, 2024

JSON object

Loading...
8.0
Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.1 / Impact: 5.9
Source: NVD

Description

The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded Cryptographic Key vulnerability. An unauthenticated remote attacker could reverse engineer the cryptographic system used in the Dell Wyse Password Encoder to discover the hard coded private key and decrypt locally stored cipher text.

Affected (1)

Products: Dell: Wyse Thinlinux
Dell
1 product
Wyse Thinlinux
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Wyse Thinlinux
From 2.0 to 2.1.0.01

Related CWEs

CWE-798
Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.

References (2)

Source: security_alert@emc.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.