CVE-2020-15024

An issue was discovered in the Login Password feature of the Password Manager component in Avast Antivirus 20.1.5069.562. An entered password continues to be stored in Windows main memory after a logout, and after a Lock Vault operation.
Configurations

Configuration 1 (hide)

cpe:2.3:a:avast:antivirus:20.1.5069.562:*:*:*:*:*:*:*

History

14 Feb 2024, 01:17

Type Values Removed Values Added
References (MISC) http://nestedif.com/avast-antivirus-password-manager-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/ - Third Party Advisory (MISC) http://nestedif.com/avast-antivirus-password-manager-vulnerability-improper-session-handling-leading-to-information-disclosure-advisory/ - Third Party Advisory, URL Repurposed

Information

Published : 2020-09-10 18:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-15024

Mitre link : CVE-2020-15024

CVE.ORG link : CVE-2020-15024


JSON object : View

Products Affected

avast

  • antivirus
CWE
CWE-212

Improper Removal of Sensitive Information Before Storage or Transfer

CWE-459

Incomplete Cleanup