CVE-2014-4861

Severity CVSS v4.0:
Pending analysis
Type:
CWE-255 Credentials Management
Publication date:
09/03/2018
Last modified:
29/03/2018

Description

The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:thycotic:secret_server:*:*:*:*:*:*:*:* 7.5.000000 (including) 8.6.000009 (including)