CVE-2000-0420
First published: Thu May 11 2000(Updated: )
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 2000 | ||
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2000-0420?
CVE-2000-0420 has a moderate severity rating due to the potential exposure of sensitive data.
How does CVE-2000-0420 affect Windows 2000 systems?
CVE-2000-0420 affects Windows 2000 systems by allowing an attacker to recover the startup key from the registry.
How do I fix CVE-2000-0420?
To fix CVE-2000-0420, you should reconfigure SYSKEY to prevent the startup key from being stored in the registry.
What kind of data is at risk due to CVE-2000-0420?
CVE-2000-0420 puts Encrypted File System (EFS) data at risk of unauthorized decryption.
Is there a workaround for CVE-2000-0420?
A valid workaround for CVE-2000-0420 is to manually configure SYSKEY to use a stronger method of key storage.
- collector/nvd-historical
- vendor/microsoft
- vendor/windows 2000
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- canonical/microsoft windows 2000