Citrix · Citrix Metaframe Password Manager · CVE-2004-1902
**Name of the Vulnerable Software and Affected Versions**
Citrix MetaFrame Password Manager version 2.0
**Description**
The issue concerns the encryption of passwords entered after executing the First Time User Wizards when a central credential store is not configured. This allows local users to obtain sensitive information.
**Recommendations**
For Citrix MetaFrame Password Manager version 2.0, consider configuring a central credential store to ensure passwords are encrypted properly. As a temporary workaround, restrict access to sensitive information until a proper configuration is in place.