CVE-2021-31989

Summary

A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices.

Affected Software

VendorProductVersion RangeStatus
Axis Communications ABAXIS Device ManagerFrom Axis Device Manager 5.00.010affected

Weaknesses

  • CWE-316: CWE-316: Cleartext Storage of Sensitive Information in Memory

ADP Enrichment

CVE Program Container

Additional References

References