5.3
CVE-2022-4611
- EPSS 3.91%
- Veröffentlicht 19.12.2022 15:15:10
- Zuletzt bearbeitet 21.11.2024 07:35:35
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216273 was assigned to this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Clickstudios ≫ Passwordstate Version < 9.5
Clickstudios ≫ Passwordstate Version9.5 Updatebuild_9500 SwPlatform-
Clickstudios ≫ Passwordstate Version9.5 Updatebuild_9512 SwPlatform-
Clickstudios ≫ Passwordstate Version9.5 Updatebuild_9519 SwPlatform-
Clickstudios ≫ Passwordstate Version9.5 Updatebuild_9531 SwPlatform-
Clickstudios ≫ Passwordstate Version9.5 Updatebuild_9533 SwPlatform-
Clickstudios ≫ Passwordstate Version9.5 Updatebuild_9535 SwPlatform-
Clickstudios ≫ Passwordstate Version9.5 Updatebuild_9583 SwPlatform-
Clickstudios ≫ Passwordstate Version9.5.8.4 SwPlatformchrome
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.91% | 0.879 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| cna@vuldb.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.