SecuritySpace - CVE-2023-24055

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-24055

Description: ** DISPUTED ** KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-24055
https://securityboulevard.com/2023/01/keepass-password-manager-leak-cve-richixbw/
https://sourceforge.net/p/keepass/discussion/329220/thread/a146e5cf6b/
https://sourceforge.net/p/keepass/feature-requests/2773/

CVE ID:	CVE-2023-24055
Description:	DISPUTED KeePass through 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-24055 https://securityboulevard.com/2023/01/keepass-password-manager-leak-cve-richixbw/ https://sourceforge.net/p/keepass/discussion/329220/thread/a146e5cf6b/ https://sourceforge.net/p/keepass/feature-requests/2773/