CVE-2020-7299

MEDIUM Year: 2020
CVSS v3 Score
4.1
Medium
CVSS v2 Score
1.9
Low
Weakness Type
CWE-522
View all →

Vulnerability Description

Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges to access to another user’s passwords on the same machine via triggering a process dump in specific situations.

Related Vulnerabilities

CVE-2021-20434

MEDIUM
CVSS:4.1(Medium)

IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 196346.

CWE-5222021

CVE-2018-12038

MEDIUM
CVSS:4.2(Medium)

An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key.

CWE-5222018

CVE-2020-27413

MEDIUM
CVSS:4.2(Medium)

An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application.

CWE-5222020

CVE-2020-4408

MEDIUM
CVSS:4.2(Medium)

The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for IBM QRadar SIEM does not adequately mask all passwords during input, which could be obtained by a physical attacker nearby. IBM X-Force ID:...

CWE-5222020

CVE-2023-26221

LOW
CVSS:3.9(Low)

The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged...

CWE-5222023

CVE-2018-1000057

MEDIUM
CVSS:4.3(Medium)

Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment ...

CWE-5222018