PKINIT Protocol Vulnerability: Local User Information Disclosure and Server Spoofing via MITM Attack

PKINIT Protocol Vulnerability: Local User Information Disclosure and Server Spoofing via MITM Attack

CVE-2005-1982 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:P/A:N

Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Server 2003 could allow a local user to obtain information and spoof a server via a man-in-the-middle (MITM) attack between a client and a domain controller when PKINIT smart card authentication is being used.

Learn more about our Cis Benchmark Audit For Server Software.