First published: Mon Aug 14 2023(Updated: )
An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Insyde InsydeH2O | =5.0 | |
Insyde InsydeH2O | =5.1 | |
Insyde InsydeH2O | =5.2 | |
Insyde InsydeH2O | =5.3 | |
Insyde InsydeH2O | =5.4 | |
Insyde InsydeH2O | =5.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2023-31041.
The severity of CVE-2023-31041 is high with a CVSS score of 7.5.
The affected software is Insyde InsydeH2O with kernel versions 5.0 through 5.5.
This vulnerability could lead to possible information disclosure if system password information is stored in cleartext.
Please refer to the provided reference link for information on the fix for CVE-2023-31041.