Weak Password Handling in Citrix MetaFrame Password Manager 2.0
CVE-2004-1902
Currently unrated
Summary
The Citrix MetaFrame Password Manager 2.0 contains a vulnerability that arises when a central credential store is not configured. This oversight allows unencrypted passwords to be captured immediately after executing the First Time User Wizards, thereby exposing sensitive user information to local users. Proper security practices require the configuration of a central credential store to ensure that passwords are encrypted and protected from unauthorized access.
References
Timeline
Vulnerability Reserved
Vulnerability published