Описание
Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing campaigns and create a sense of false security.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:uniqkey:password_manager:1.14:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00324
Низкий
8.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing campaigns and create a sense of false security.
EPSS
Процентиль: 55%
0.00324
Низкий
8.8 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-287