CVE-2019-15625

Опубликовано: 18 янв. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.

Ссылки

https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123595.aspx
Vendor Advisory
https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1123614.aspx
Vendor Advisory
https://jvn.jp/en/jp/JVN49593434/index.html
Third Party Advisory
https://jvn.jp/jp/JVN49593434/index.html
Third Party Advisory
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1123595.aspx
Vendor Advisory
https://esupport.trendmicro.com/support/pwm/solution/ja-jp/1123614.aspx
Vendor Advisory
https://jvn.jp/en/jp/JVN49593434/index.html
Third Party Advisory
https://jvn.jp/jp/JVN49593434/index.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:trendmicro:password_manager:*:*:*:*:*:macos:*:*

Версия от 3.8 (включая) до 3.8.0.1052 (включая)

cpe:2.3:a:trendmicro:password_manager:*:*:*:*:*:windows:*:*

Версия от 3.8 (включая) до 3.8.0.1103 (включая)

EPSS

Процентиль: 43%

0.00211

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-c3r6-j8rq-qj38

github

больше 3 лет назад