HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2021-42138

CVSS 7.2v3.1pub. 2021-12-20upd. 2024-11-21

A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine.

CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
  • Thalesgroup Safenet Windows Logon Agent

    APP
    Thalesgroup
    < 3.4.4
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2021-32928CRITICAL9.8ten sam vendor

The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel ...

CVE-2023-5993HIGH7.8ten sam vendor

A flaw in the Windows Installer in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an...

CVE-2024-0197HIGH7.8ten sam vendor

A flaw in the installer for Thales SafeNet Sentinel HASP LDK prior to 9.16 on Windows allows an attacker to es...

CVE-2023-7016HIGH7.8ten sam vendor

A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to execute code...

CVE-2021-42810HIGH7.8ten sam vendor

A flaw in the previous versions of the product may allow an authenticated attacker the ability to execute code...