| Vulnerability Name: | CVE-2022-0725 (CCN-221310) | ||||||||||||
| Assigned: | 2022-02-28 | ||||||||||||
| Published: | 2022-02-28 | ||||||||||||
| Updated: | 2022-10-28 | ||||||||||||
| Summary: | A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs. | ||||||||||||
| CVSS v3 Severity: | 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) 6.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:R)
4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:R)
| ||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-532 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2022-0725 Source: MISC Type: Issue Tracking, Third Party Advisory https://bugzilla.redhat.com/show_bug.cgi?id=2052696 Source: XF Type: UNKNOWN keepass-cve20220725-info-disc(221310) Source: CCN Type: KeePass GIT Repository POC for KeePass [CVE-2022-0725] Source: CCN Type: KeePass Web site KeePass | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||