019 – Administrative credentials stored in cache memory

Description

It is possible to retrieve administrative credentials from the systems cache memory.

Impact

Obtain functional credentials for privileged users.

Recommendation

Avoid the store of sensitive information in temporary files or cache.

Threat

Authenticated attacker from local network.

Expected Remediation Time

30 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: L
• Attack complexity: H
• Attack Requirements: N
• Privileges required: H
• User interaction: N
• Confidentiality (VC): H
• Integrity (VI): N
• Availability (VA): N
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: A

Requirements

• 177 - Avoid caching and temporary files

Fixes

• Elixir
• Go
• Java
• Php
• Ruby
• Scala
• Swift
• Typescript

Last updated

2024/02/07