HIGH✓ PATCH🇬🇧 English

CVE-2021-42138

CVSS 7.2v3.1pub. 2021-12-20upd. 2024-11-21

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
  • Thalesgroup Safenet Windows Logon Agent

    APP
    Thalesgroup
    < 3.4.4
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2021-32928CRITICAL9.8ten sam vendor

The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel ...

CVE-2023-5993HIGH7.8ten sam vendor

A flaw in the Windows Installer in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an...

CVE-2024-0197HIGH7.8ten sam vendor

A flaw in the installer for Thales SafeNet Sentinel HASP LDK prior to 9.16 on Windows allows an attacker to es...

CVE-2023-7016HIGH7.8ten sam vendor

A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to execute code...

CVE-2021-42810HIGH7.8ten sam vendor

A flaw in the previous versions of the product may allow an authenticated attacker the ability to execute code...

CVE-2021-42138 — HIGH 7.2 | CVEbaza.pl