CVE-2024-9203

CVSS 3.1 Score 2.5 of 10 (low)

Details

Published Sep 26, 2024

Updated: Sep 30, 2024

CWE ID 316

Summary

CVE-2024-9203 identifies a vulnerability in Enpass Password Manager, affecting versions up to 6.9.5 on Windows, where sensitive information may be stored in cleartext in memory. This issue necessitates local access for exploitation, which is considered complex and difficult to execute. The potential impact on confidentiality is rated as low, but the vulnerability could still pose risks if exploited by an attacker with local access. To mitigate this risk, users are advised to upgrade to version 6.10.1 of the software. The vulnerability is classified as having a low severity score of 2.5 on the CVSS scale.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/y-mYor
https://www.cve.org/CVERecord?id=CVE-2024-9203
https://nvd.nist.gov/vuln/detail/CVE-2024-9203

Back to Vulnerability Database

CVE-2024-9203

CVSS 3.1 Score 2.5 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations