exploitDog

CVE-2020-15024

Опубликовано: 10 сент. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.

Ссылки

http://nestedif.com/avast-antivirus-password-manager-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/
Third Party Advisory
URL Repurposed
http://nestedif.com/avast-antivirus-password-manager-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/
Third Party Advisory
URL Repurposed

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:avast:antivirus:20.1.5069.562:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00052

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-212

Связанные уязвимости

GHSA-mv65-7xv7-wp7j

github

больше 3 лет назад

An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.

EPSS

Процентиль: 17%

0.00052

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-212