Sensitive Information Disclosure Vulnerability (CVE-2022-38112)

Summary

In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext.

Affected Products

  • Database Performance Analyzer 2022.4

Fixed Software Release

Advisory Details
Severity
Medium
Advisory ID

CVE-2022-38112

First Published
01/18/2023
Fixed Version

Database Performance Analyzer 2023.1

CVSS Score

CVSS:3.1/ AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Download PDF
Send an Email