Information disclosure vulnerability in KeePass - CVE-2023-32784ID: oval:org.secpod.oval:def:90268 | Date: (C)2023-06-05 (M)2024-01-03 |
Class: VULNERABILITY | Family: windows |
The host is installed with KeePass 2.x before 2.54 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle an issue in KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. Successful exploitation allows attackers to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running.
Platform: |
Microsoft Windows Server 2016 |
Microsoft Windows 7 |
Microsoft Windows Server |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2019 |
Microsoft Windows 10 |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |