CVE-2022-29620

Medium

FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does…

mitre·CWE-312·Published 2022-06-07

CVSS

6.5

EPSS

0.02

KEV

Exploits

Tags:disputed

cve.orgen

172 chars

FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability

NVDen

172 chars

FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP servers via a memory dump.- NOTE: the vendor does not consider this a vulnerability

** EN DISPUTA ** FileZilla versión v3.59.0, permite a atacantes obtener contraseñas en texto sin cifrar de servidores SSH o FTP conectados por medio de un volcado de memoria.- NOTA: el proveedor no considera esto una vulnerabilidad

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N