- Description
- The password protection feature of Microsoft Money can store the password in plaintext, which allows attackers with physical access to the system to obtain the password, aka the "Money Password" vulnerability.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:money:2000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04303051-3FE6-45B0-B721-5331536A5D68"
},
{
"criteria": "cpe:2.3:a:microsoft:money:2001:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5672DA19-6EAB-48B8-96CB-8AF426BD8B33"
}
],
"operator": "OR"
}
]
}
]