MitreCVELIST:CVE-2023-52723

HistoryApr 29, 2024 - 12:00 a.m.

CVE-2023-52723

2024-04-2900:00:00

mitre

www.cve.org

kde

libksieve

cleartext

password

vulnerability

server logs

AI Score

6.9

Confidence

Low

EPSS

Percentile

15.5%

JSON

In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a password value.

References

www.openwall.com/lists/oss-security/2024/04/30/1

invent.kde.org/pim/libksieve/-/commit/6b460ba93ac4ac503ba039d0b788ac7595120db1

invent.kde.org/pim/libksieve/-/tags/v23.03.80

lists.debian.org/debian-lts-announce/2024/05/msg00004.html

www.openwall.com/lists/oss-security/2024/04/25/1