Vulnerability Details : CVE-2023-30367
Multi-Remote Next Generation Connection Manager (mRemoteNG) is free software that enables users to store and manage multi-protocol connection configurations to remotely connect to systems. mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <= v1.76.20 and <= 1.77.3-dev loads configuration files in plain text into memory (after decrypting them if necessary) at application start-up, even if no connection has been established yet. This allows attackers to access contents of configuration files in plain text through a memory dump and thus compromise user credentials when no custom password encryption key has been set. This also bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory.
Products affected by CVE-2023-30367
- cpe:2.3:a:mremoteng:mremoteng:*:*:*:*:*:*:*:*
- cpe:2.3:a:mremoteng:mremoteng:1.77.2-nb:*:*:*:*:*:*:*
- cpe:2.3:a:mremoteng:mremoteng:1.77.3-nb:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-30367
1.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-30367
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2023-30367
-
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-30367
-
https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper
GitHub - S1lkys/CVE-2023-30367-mRemoteNG-password-dumper: Original PoC for CVE-2023-30367Third Party Advisory
-
https://github.com/mRemoteNG/mRemoteNG/issues/2420
Public Disclosure of issue 726 · Issue #2420 · mRemoteNG/mRemoteNG · GitHubIssue Tracking
-
http://packetstormsecurity.com/files/173829/mRemoteNG-1.77.3.1784-NB-Sensitive-Information-Extraction.html
mRemoteNG 1.77.3.1784-NB Sensitive Information Extraction ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
https://www.secuvera.de/advisories/secuvera-SA-2023-01.txt
Third Party Advisory
Jump to