7.5
CVE-2020-27020
- EPSS 0.27%
- Veröffentlicht 14.05.2021 11:15:07
- Zuletzt bearbeitet 21.11.2024 05:20:41
- Quelle vulnerability@kaspersky.com
- Teams Watchlist Login
- Unerledigt Login
Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Kaspersky ≫ Password Manager SwPlatformwindows Version < 9.2
Kaspersky ≫ Password Manager SwPlatformiphone_os Version < 9.2.14.31
Kaspersky ≫ Password Manager SwPlatformandroid Version < 9.2.14.872
Kaspersky ≫ Password Manager Version9.2 Update- SwPlatformwindows
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Typ | Quelle | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.27% | 0.499 |
Quelle | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-326 Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.