CVE-2024-29978
CVSS 3.1 Score 5.9 of 10 (medium)
Details
Published Nov 26, 2024
CWE ID 256
Summary
CVE-2024-29978 is a newly disclosed vulnerability that exposes a security weakness in certain products. Before any user logs in, user passwords are decrypted and stored in memory. If a coredump file is generated, an attacker could potentially access these decrypted passwords, posing a significant risk to security. For specific product details, refer to the vendor announcements listed under [References]. This issue underscores the importance of secure password management and the protection of system memory.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share