A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216273 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.216273 | Third Party Advisory |
https://vuldb.com/?id.216273 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
06 Jan 2023, 13:58
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://vuldb.com/?ctiid.216273 - Third Party Advisory |
28 Dec 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Dec 2022, 21:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:clickstudios:passwordstate:9.5:build_9512:*:*:*:-:*:* cpe:2.3:a:clickstudios:passwordstate:9.5.8.4:*:*:*:*:chrome:*:* cpe:2.3:a:clickstudios:passwordstate:9.5:build_9500:*:*:*:-:*:* cpe:2.3:a:clickstudios:passwordstate:9.5:build_9519:*:*:*:-:*:* cpe:2.3:a:clickstudios:passwordstate:9.5:build_9583:*:*:*:-:*:* cpe:2.3:a:clickstudios:passwordstate:9.5:build_9531:*:*:*:-:*:* cpe:2.3:a:clickstudios:passwordstate:9.5:build_9533:*:*:*:-:*:* cpe:2.3:a:clickstudios:passwordstate:*:*:*:*:*:*:*:* cpe:2.3:a:clickstudios:passwordstate:9.5:build_9535:*:*:*:-:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
CWE | CWE-259 |
|
References | (N/A) https://vuldb.com/?id.216273 - Third Party Advisory | |
References | (N/A) https://modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html - Exploit, Third Party Advisory | |
First Time |
Clickstudios
Clickstudios passwordstate |
19 Dec 2022, 16:52
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-19 15:15
Updated : 2024-04-11 01:17
NVD link : CVE-2022-4611
Mitre link : CVE-2022-4611
CVE.ORG link : CVE-2022-4611
JSON object : View
Products Affected
clickstudios
- passwordstate
CWE
CWE-798
Use of Hard-coded Credentials