First published: Wed Feb 09 2022
A flaw was found in KeePass. Plain text passwords are written to the system log, which results in an Information Exposure vulnerability. This flaw allows an attacker to read sensitive passwords and logs.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Keepass Keepass | =2.48 | |
Fedoraproject Extra Packages For Enterprise Linux | =7.0 | |
Fedoraproject Fedora | =35 | |
The vulnerability ID for this flaw is CVE-2022-0725.
The severity of CVE-2022-0725 is high with a CVSS score of 7.5.
This vulnerability occurs because plain text passwords are logged in the system log.
CVE-2022-0725 can lead to an Information Exposure vulnerability, allowing an attacker to read sensitive passwords and logs.
References are available at: [Link 1](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2053688), [Link 2](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2053691), and [Link 3](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2053689).