NewPass before 1.2.0 stores passwords (rather than password hashes) directly, which makes it easier to obtain unauthorized access to sensitive information. NOTE: in each case, data at rest is encrypted, but is decrypted within process memory during use.
Metrics
Affected Vendors & Products
References
History
Mon, 25 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-312 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-06-29T00:00:00
Updated: 2024-11-25T20:26:25.555Z
Reserved: 2024-06-29T00:00:00
Link: CVE-2024-39846
Vulnrichment
Updated: 2024-08-02T04:26:15.941Z
NVD
Status : Awaiting Analysis
Published: 2024-06-29T21:15:09.917
Modified: 2024-11-25T21:15:15.117
Link: CVE-2024-39846
Redhat
No data.