passwords decrypted and stored on memory before user login
CVE-2024-29978
5.9MEDIUM
Key Information
- Vendor
- Sharp Corporation
- Status
- Multiple Mfps (multifunction Printers)
- Vendor
- CVE Published:
- 26 November 2024
Summary
User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
Affected Version(s)
Multiple MFPs (multifunction printers) = See the information provided by Sharp Corporation listed under [References]
Multiple MFPs (multifunction printers) = See the information provided by Toshiba Tec Corporation listed under [References]
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database