User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
History

Tue, 26 Nov 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 26 Nov 2024 07:45:00 +0000

Type Values Removed Values Added
Description User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
Weaknesses CWE-312
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2024-11-26T07:37:20.253Z

Updated: 2024-11-26T14:09:24.767Z

Reserved: 2024-05-22T09:00:07.612Z

Link: CVE-2024-29146

cve-icon Vulnrichment

Updated: 2024-11-26T14:03:31.747Z

cve-icon NVD

Status : Received

Published: 2024-11-26T08:15:05.203

Modified: 2024-11-26T08:15:05.203

Link: CVE-2024-29146

cve-icon Redhat

No data.