CVE-2023-32784

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions KeePass versions prior to 2.54

Description An issue exists in the password manager's password input text field where credentials may be stored in unencrypted form. This could allow a remote attacker to recover the master password in cleartext. Additionally, there is a need for improved process memory protection of secure edit controls.

Recommendations Update to version 2.54.

Exploit

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

ALT-PU-2023-2101

ALT-PU-2023-4128

ALT-PU-2023-5166

ALT-PU-2024-12934

ALT-PU-2025-2135

BDU:2023-03124

CVE-2023-32784

MGASA-2023-0221

OPENSUSE-SU-2023:0157-1

OPENSUSE-SU-2023:0163-1

OPENSUSE-SU-2024:12982-1

Affected Products

Alt Linux

Debian

Keepass

Keepass2

Red Os

CVE-2023-32784

Weakness Enumeration

Related Identifiers

Affected Products

References · 58