Lucene search

[email protected]CVE-2001-0984

HistorySep 13, 2001 - 4:00 a.m.

CVE-2001-0984

2001-09-1304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0984

information security

password safe

passwords exposure

unauthorized access

nvd

7.3 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

18.3%

JSON

Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard and minimizes Password Safe with the “Clear the password when minimized” and “Lock password database on minimize and prompt on restore” options enabled, which could allow an attacker with access to the memory (e.g. an administrator) to read the passwords.

CPENameOperatorVersion
counterpane:password_safecounterpane password safeeq1.7.1

CPE	Name	Operator	Version
counterpane:password_safe	counterpane password safe	eq	1.7.1

References

www.securityfocus.com/archive/1/213931

www.securityfocus.com/bid/3337

exchange.xforce.ibmcloud.com/vulnerabilities/7123

7.3 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

18.3%

JSON