CVE-2005-2620 — Groupwise vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.8%

top 17.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Novell Groupwise

Timeline

PublishedAug 17

Latest updateMay 1

Description

grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDnovell/groupwise6.0, 6.5, 6.5.2+2

Patches

Patch: support.novell.com ↗Patch: support.novell.com ↗

🔴Vulnerability Details

GHSA

GHSA-gc3r-685x-j5m7: grpWise↗2022-05-01

▶

CVEList

CVE-2005-2620: grpWise↗2005-08-17

▶