CVE-2024-25649

MEDIUM Year: 2024
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-316
View all →

Vulnerability Description

In Delinea PAM Secret Server 11.4, it is possible for an attacker (with Administrator access to the Secret Server machine) to read the following data from a memory dump: the decrypted master key, database credentials (when SQL Server Authentication is enabled), the encryption key of RabbitMQ queue messages, and session cookies.

Related Vulnerabilities

CVE-2022-29832

MEDIUM
CVSS:6.5(Medium)

Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and la...

CWE-3162022

CVE-2024-33900

MEDIUM
CVSS:6.5(Medium)

KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make ...

CWE-3162024

CVE-2024-33901

MEDIUM
CVSS:6.5(Medium)

Issue in KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memo...

CWE-3162024

CVE-2024-49800

MEDIUM
CVSS:6.5(Medium)

IBM ApplinX 11.1 stores sensitive information in cleartext in memory that could be obtained by an authenticated user.

CWE-3162024

CVE-2023-40724

HIGH
CVSS:7.3(High)

A vulnerability has been identified in QMS Automotive (All versions < V12.39). User credentials are found in memory as plaintext. An attacker could perform a memory dump, and get access to credentials...

CWE-3162023

CVE-2023-3762

HIGH
CVSS:7.5(High)

A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to cleartext storage of sensitive information in memory. I...

CWE-3162023