CVE-2002-1946

MEDIUM

Tata Integrated Dialer - Weak Encryption

Title source: rule

Description

Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry key, which allows local users to obtain and decrypt the password.

References (2)

[Broken Link] http://archives.neohapsis.com/archives/bugtraq/2002-10/0438.html

[Broken Link] http://www.iss.net/security_center/static/10517.php

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 2.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-326

Status draft

Affected Products (1)

tata/integrated_dialer

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026