CVE-2017-3762 in Fingerprint Managerinfo

Summary

Sensitive data stored by Lenovo Fingerprint Manager Pro, version 8.01.86 and earlier, including users' Windows logon credentials and fingerprint data, is encrypted using a weak algorithm, contains a hard-coded password, and is accessible to all users with local non-administrative access to the system in which it is installed.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/16/2016

Disclosure

01/25/2018

Moderation

VulDB entry created

Entries

1: VDB-112476

CPE

ready

CWE

CWE-798 (Confirmed)

CVSS

6.5

EPSS

0.00171

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-3762
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-3762
CVE Details	https://www.cvedetails.com/cve/CVE-2017-3762/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!