CVE-2023-41646

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Sep 7, 2023

Updated: Sep 12, 2023

CWE ID 916

Summary

CVE-2023-41646 is a vulnerability affecting Buttercup password manager version 2.20.3. An attacker can exploit this issue by gaining access to the file "/vaults.json" and retrieves the hash of the master password, potentially putting sensitive information at risk. This vulnerability can lead to unauthorized access to stored passwords and other confidential data. Users are urged to update to the latest version of Buttercup to mitigate this issue and secure their passwords.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sgJ_px
https://www.cve.org/CVERecord?id=CVE-2023-41646
https://nvd.nist.gov/vuln/detail/CVE-2023-41646

Back to Vulnerability Database

CVE-2023-41646

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations