CVE-2000-0487
LowExploitation Probability (EPSS)
High risk82th percentile — higher than 82% of all known CVEs
Summary
The Protected Store in Windows 2000 does not properly select the strongest encryption, resulting in the use of a default 40-bit encryption instead of 56-bit DES.
Risk Assessment
The organization may be at risk of data security issues, as the weaker encryption can be more easily compromised by attackers.
Recommendation
It is recommended to upgrade Windows 2000 to a newer version that improves the encryption mechanisms in the Protected Store.
Original NVD description (English source)
The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.

