{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-23349", "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988", "state": "PUBLISHED", "assignerShortName": "Kaspersky", "dateReserved": "2023-01-11T20:11:14.512Z", "datePublished": "2024-03-22T16:15:55.200Z", "dateUpdated": "2024-06-04T17:22:23.513Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988", "shortName": "Kaspersky", "dateUpdated": "2024-03-27T11:51:13.706Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-316", "description": "CWE-316: Cleartext Storage of Sensitive Information in Memory", "type": "CWE"}]}], "affected": [{"vendor": "Kaspersky", "product": "Kaspersky Password Manager for Windows", "versions": [{"version": "*", "status": "affected", "lessThan": "24.0.0.427", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form of a website with the saved credentials, and the KPM extension must autofill these credentials. The attacker must then launch a malware module to steal those specific credentials."}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N"}}], "solutions": [{"lang": "en", "value": "Install Kaspersky Password Manager (KPM) version 24.0.0.427 or later using the following url: https://support.kaspersky.com/help/KPM/Win24.0/en-US/85241.htm"}], "timeline": [{"time": "2024-03-18T00:00:00.000Z", "lang": "en", "value": "Advisory published by Kaspersky"}], "credits": [{"lang": "en", "value": "Efstratios Chatzoglou", "type": "finder"}, {"lang": "en", "value": "Zisis Tsiatsikas", "type": "finder"}, {"lang": "en", "value": "Vyron Kampourakis", "type": "finder"}], "references": [{"url": "https://support.kaspersky.com/vulnerability/list-of-advisories/12430#180324", "name": "Advisory issued on March 18, 2024", "tags": ["vendor-advisory"]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-23349", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-25T16:49:20.375552Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:22:23.513Z"}}]}}

{"descriptions": [{"lang": "en", "value": "Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form of a website with the saved credentials, and the KPM extension must autofill these credentials. The attacker must then launch a malware module to steal those specific credentials."}, {"lang": "es", "value": "Kaspersky solucion\u00f3 un problema de seguridad en Kaspersky Password Manager (KPM) para Windows que permit\u00eda a un usuario local recuperar las credenciales autocompletadas de un volcado de memoria cuando se usaba la extensi\u00f3n KPM para Google Chrome. Para explotar el problema, un atacante debe enga\u00f1ar a un usuario para que visite un formulario de inicio de sesi\u00f3n de un sitio web con las credenciales guardadas, y la extensi\u00f3n KPM debe completar autom\u00e1ticamente estas credenciales. Luego, el atacante debe iniciar un m\u00f3dulo de malware para robar esas credenciales espec\u00edficas."}], "id": "CVE-2023-23349", "lastModified": "2024-03-22T19:02:10.300", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 1.4, "source": "vulnerability@kaspersky.com", "type": "Secondary"}]}, "published": "2024-03-22T17:15:07.537", "references": [{"source": "vulnerability@kaspersky.com", "url": "https://support.kaspersky.com/vulnerability/list-of-advisories/12430#180324"}], "sourceIdentifier": "vulnerability@kaspersky.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-316"}], "source": "vulnerability@kaspersky.com", "type": "Secondary"}]}

{}