CVE-2005-0822
CVE-2005-0822 is a low-severity vulnerability in Citrix Metaframe Password Manager with a CVSS 2.0 base score of 2.1. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Low (CVSS 2.0 base score 2.1)
- EPSS exploit prediction: 0% (29th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Citrix Metaframe Password Manager
- Published:
- Last modified:
Description
Citrix Metaframe Password Manager 2.5 and earlier stores a password in cleartext although it is obfuscated when presented to a user, which allows users to view their secondary passwords even if it is not allowed by policy.
Frequently asked questions
- What is CVE-2005-0822?
- Citrix Metaframe Password Manager 2.5 and earlier stores a password in cleartext although it is obfuscated when presented to a user, which allows users to view their secondary passwords even if it is not allowed by policy.
- How severe is CVE-2005-0822?
- CVE-2005-0822 has a CVSS 2.0 base score of 2.1, rated low severity.
- Is CVE-2005-0822 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (29th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2005-0822?
- CVE-2005-0822 affects Citrix Metaframe Password Manager. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2005-0822?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2005-0822 published?
- CVE-2005-0822 was published on 2005-05-02 and last updated on 2026-06-16.
References
- http://securitytracker.com/id?1018077
- http://support.citrix.com/article/CTX105800
- http://support.citrix.com/kb/entry.jspa?entryID=5970&categoryID=254
- http://support.citrix.com/kb/entry.jspa?externalID=CTX105762
- http://www.securityfocus.com/bid/24041
Affected products (1)
- cpe:2.3:a:citrix:metaframe_password_manager:2.5:*:*:*:*:*:*:*
More vulnerabilities in Citrix Metaframe Password Manager
- CVE-2004-1902 — Low (CVSS 2.1): The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt…