← Back

CVE-2019-7690

nvd nist
Published: May 13, 2019Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from the remote SSH server. This affects Passwordless Authentication that has a Password Protected SSH Private Key.

Affected (1)

Products: Mobatek: Mobaxterm
Mobatek
1 product
Mobaxterm
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Mobaxterm
Version 11.1 3860

Related CWEs

CWE-255
CWE-255

References (2)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.