The host is installed with KeePass 2.x before 2.54 and is prone to an information disclosure vulnerability. A flaw is present in the application which fails to properly handle an issue in KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. Successful exploitation allows attackers to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running.