CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-4861

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0300%
EPSS Percentile36.09th
Published2018年3月9日
Last Modified2024年11月21日

Vulnerability Description

The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended.

Affected Platforms (CPE)

📦
Thycotic

Secret Server

>= 7.5.000000 and <= 8.6.000009

References & Advisories

🔗 http://thycotic.com/products/secret-server/resources/advisories/cve-2014-4861/
🔗 http://thycotic.com/products/secret-server/resources/advisories/cve-2014-4861/

関連する脆弱性情報

CVE-2008-115510.0

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows rem...

CVE-2019-46409.8

IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and i...

CVE-2018-180069.8

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally dis...

CVE-2019-183559.8

An SSRF issue was discovered in the legacy Web launcher in Thycotic Secret Server before 10.7.