CVE-2017-8296 in kedpminfo

Zusammenfassung

von MITRE

kedpm 0.5 and 1.0 creates a history file in ~/.kedpm/history that is written in cleartext. All of the commands performed in the password manager are written there. This can lead to the disclosure of the master password if the "password" command is used with an argument. The names of the password entries created and consulted are also accessible in cleartext.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

27.04.2017

Veröffentlichung

27.04.2017

Moderieren

akzeptiert

Eintrag

VDB-100635

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

7.5 (NVD)

EPSS

0.00345

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-8296
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-8296
CVE Details	https://www.cvedetails.com/cve/CVE-2017-8296/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!