Read Time:25 Second
Description
The application stores sensitive information in cleartext in memory.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality: Read Memory
Potential Mitigations
CVE References
- CVE-2001-1517
- Sensitive authentication information in cleartext in memory.
- BID:10155
- Sensitive authentication information in cleartext in memory.
- CVE-2001-0984
- Password protector leaves passwords in memory when window is minimized, even when “clear password when minimized” is set.
- CVE-2003-0291
- SSH client does not clear credentials from memory.