Lucene search
HistoryMay 20, 2024 - 9:15 p.m.
CVE-2024-33900
keepassxc
cleartext credentials
memory dump
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
AI Score
6.4
Confidence
High
KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design and other realistic designs.
Related
osv
osv
CVE-2024-33900
2024-05-20 21:15:00
cve
cve
CVE-2024-33900
2024-05-20 21:15:09
cvelist
cvelist
CVE-2024-33900
1976-01-01 00:00:00
vulnrichment
vulnrichment
CVE-2024-33900
1976-01-01 00:00:00
ubuntucve
ubuntucve
CVE-2024-33900
2024-05-20 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
AI Score
6.4
Confidence
High
Related for NVD:CVE-2024-33900