Уязвимость генерации одинаковых паролей в режиме приватного просмотра Firefox
Описание
При открытии окна приватного просмотра и генерации пароля для сайта, после закрытия приватного окна и повторного его открытия, снова посещая тот же сайт и генерируя новый пароль, сгенерированные пароли оказываются одинаковыми, а не уникальными.
Затронутые версии ПО
- Firefox версий ниже 75
Тип уязвимости
Генерация ненадежных паролей
Ссылки
- Issue TrackingPermissions Required
- Vendor Advisory
- Issue TrackingPermissions Required
- Vendor Advisory
Уязвимые конфигурации
EPSS
2.8 Low
CVSS3
1.9 Low
CVSS2
Дефекты
Связанные уязвимости
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox < 75.
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox < 75.
Initially, a user opens a Private Browsing Window and generates a pass ...
Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent. This vulnerability affects Firefox < 75.
EPSS
2.8 Low
CVSS3
1.9 Low
CVSS2