Information Disclosure Vulnerability in KeePass by CyberNet
CVE-2017-1000066

7.5HIGH

Key Information:

Vendor: Keepass
Status: Keepass
Vendor: CVE Published:; 13 July 2017

What is CVE-2017-1000066?

The entry details view function in KeePass version 1.32 has a flawed handling of sensitive database entries, leading to potential exposure of decrypted information in memory. This vulnerability can result in unauthorized access to sensitive data, raising concerns about user privacy and data security for those relying on the KeePass password management solution. Users are encouraged to upgrade to the latest version to mitigate the risks associated with this vulnerability.

References

http://keepass.info/news/news_all.html

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 13, 2017
Vulnerability Reserved
Jul 10, 2017

Keepass

What is CVE-2017-1000066?

References

CVSS V3.1

Timeline