CVE-2024-29146
CVSS 3.1 Score 5.9 of 10 (medium)
Details
Published Nov 26, 2024
CWE ID 312
Summary
CVE-2024-29146 is a newly disclosed cybersecurity vulnerability that allows unauthorized access to decrypted user passwords stored in memory. Before any user logs in, these passwords are decrypted and kept in memory. An attacker can exploit this vulnerability by retrieving the coredump file, gaining access to these decrypted passwords. Affected products and their specifications have been identified by the vendors listed in the references.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share