Lucene search
MitreVULNRICHMENT:CVE-2023-24055HistoryJan 22, 2023 - 12:00 a.m.
CVE-2023-24055
2023-01-2200:00:00
mitre
github.com
1
keepass 2.53
xml config file
cleartext passwords
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
28.8%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor’s position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC.
Related
githubexploit
githubexploit
Exploit for Cleartext Storage of Sensitive Information in Keepass
2023-01-29 14:13:44
Exploit for Cleartext Storage of Sensitive Information in Keepass
2023-01-30 13:22:22
Exploit for Cleartext Storage of Sensitive Information in Keepass
2023-01-30 13:22:22
redos
redos
ROS-20240902-20
2024-09-02 00:00:00
cvelist
cvelist
CVE-2023-24055
2023-01-22 00:00:00
nvd
nvd
CVE-2023-24055
2023-01-22 04:15:11
cve
cve
CVE-2023-24055
2023-01-22 04:15:11
prion
prion
Design/Logic Flaw
2023-01-22 04:15:00
mageia
mageia
Updated keepass packages fix security vulnerability
2023-07-07 08:54:45
thn
thn
KeePass Exploit Allows Attackers to Recover Master Passwords from Memory
2023-05-22 06:33:00
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0221)
2023-07-10 00:00:00
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
28.8%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-24055