Gnome Keyring Vulnerability in Gnome Software
CVE-2012-6111

7.5HIGH

Key Information:

Vendor

Gnome-keyring

Status
Gnome-keyring
Vendor
CVE Published:
20 December 2019

What is CVE-2012-6111?

The Gnome Keyring has a security issue where it fails to properly discard stored secrets when the gnome_keyring_lock_all_sync function is invoked. This flaw could allow unauthorized users to access sensitive data, as secrets may remain accessible even after expected security measures have been applied.

Affected Version(s)

gnome-keyring Fixed 3.14.0

References

https://security-tracker.debian.org/tracker/CVE-2012-6111
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2013/01/17/4
x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-6111
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.