CVE-2003-1392 — MEDIUM severity vulnerability (CryptoBuddy 1.0 and 1.2 does not use the user-supplied passp)
CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data.
| CVE ID | CVE-2003-1392 |
|---|---|
| Severity | MEDIUM |
| CVSS score | 6.6 |
| CVSS vector | AV:L/AC:L/Au:N/C:C/I:C/A:N |
| CWE | CWE-310 |
| Status | Modified |
| Published | 2003-12-31 |
| Last modified | 2026-04-16 |
| Description | CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →