TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role assignment and can lead to shared password leakage.
References
Link | Resource |
---|---|
https://github.com/nilsteampassnet/TeamPass/issues/2495 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-04T21:00:00
Updated: 2019-02-04T20:57:01
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-1000001
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-02-04T21:29:00.643
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-1000001
JSON object: View
Redhat Information
No data.
CWE