A user of a machine protected by SafeNet Agent for Windows Logon may leverage weak entropy to access the encrypted credentials of any or all the users on that machine.
Weakness
The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Safenet_windows_logon_agent | Thalesgroup | * | 3.4.4 (excluding) |
Potential Mitigations
Related Attack Patterns
References
- https://cpl.thalesgroup.com/support/security-updates
- https://supportportal.gemalto.com/csm?sys_kb_id=a52bd13adbff7010f0e322080596194a\u0026id=kb_article_view\u0026sysparm_rank=1\u0026sysparm_tsqueryId=b3bdd932db33b010f0e3220805961955
- https://supportportal.gemalto.com/csm?sys_kb_id=e8397662dbb7fc10520c4705059619eb\u0026id=kb_article_view\u0026sysparm_rank=2\u0026sysparm_tsqueryId=b3bdd932db33b010f0e3220805961955
- https://cpl.thalesgroup.com/support/security-updates
- https://supportportal.gemalto.com/csm?sys_kb_id=a52bd13adbff7010f0e322080596194a\u0026id=kb_article_view\u0026sysparm_rank=1\u0026sysparm_tsqueryId=b3bdd932db33b010f0e3220805961955
- https://supportportal.gemalto.com/csm?sys_kb_id=e8397662dbb7fc10520c4705059619eb\u0026id=kb_article_view\u0026sysparm_rank=2\u0026sysparm_tsqueryId=b3bdd932db33b010f0e3220805961955