CVE-2025-27582
- EPSS 0.02%
- Published 14.07.2025 00:00:00
- Last modified 15.07.2025 13:14:24
The Secure Password extension in One Identity Password Manager before 5.14.4 allows local privilege escalation. The issue arises from a flawed security hardening mechanism within the kiosk browser used to display the Password Self-Service site to end...
CVE-2023-48654
- EPSS 0.16%
- Published 25.12.2023 06:15:08
- Last modified 21.11.2024 08:32:11
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset fun...
CVE-2023-51772
- EPSS 0.07%
- Published 25.12.2023 06:15:08
- Last modified 21.11.2024 08:38:45
One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset fun...
CVE-2023-4003
- EPSS 0.1%
- Published 27.09.2023 15:19:39
- Last modified 21.11.2024 08:34:12
One Identity Password Manager version 5.9.7.1 - An unauthenticated attacker with physical access to a workstation may upgrade privileges to SYSTEM through an unspecified method. CWE-250: Execution with Unnecessary Privileges.
CVE-2020-7962
- EPSS 0.23%
- Published 13.11.2020 19:15:12
- Last modified 21.11.2024 05:38:05
An issue was discovered in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is possible for an attacker to detect a valid answer based on the HTTP response content, and reuse this answer later for a password...