Vulnerabilities > CVE-2019-7690 - Credentials Management vulnerability in Mobatek Mobaxterm 11.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from the remote SSH server. This affects Passwordless Authentication that has a Password Protected SSH Private Key.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |