CVE-2023-52723

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 29/04/2024 Updated: 05/05/2024

In KDE libksieve prior to 23.03.80, kmanagesieve/session.cpp places a cleartext password in server logs because a username variable is accidentally given a password value.

Debian Bug report logs - #1069163 libkf5kmanagesieve5: CVE-2023-52723: sends password as username when authenticating against sieve servers Package: libkf5kmanagesieve5; Maintainer for libkf5kmanagesieve5 is Debian Qt/KDE Maintainers <debian-qt-kde@listsdebianorg>; Source for libkf5kmanagesieve5 is src:libkf5ksieve (PTS, buildd, p ...

On Thu, Apr 25, 2024 at 06:10:54PM +0200, Jonas Schäfer wrote: FTR, wwwcveorg/CVERecord?id=CVE-2023-52723 was assigned for this issue Regards, Salvatore ...

https://invent.kde.org/pim/libksieve/-/commit/6b460ba93ac4ac503ba039d0b788ac7595120db1 https://invent.kde.org/pim/libksieve/-/tags/v23.03.80 https://www.openwall.com/lists/oss-security/2024/04/25/1 http://www.openwall.com/lists/oss-security/2024/04/30/1 https://lists.debian.org/debian-lts-announce/2024/05/msg00004.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069163 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-52723

Vulnerability Summary

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect