Lucene search

K

Password Manager Security Vulnerabilities - 2023

cve
cve

CVE-2023-4003

One Identity Password Manager version 5.9.7.1 - An unauthenticated attacker with physical access to a workstation may upgrade privileges to SYSTEM through an unspecified method. CWE-250: Execution with Unnecessary Privileges.

7.6CVSS

6.5AI Score

0.001EPSS

2023-09-27 03:19 PM
30
cve
cve

CVE-2023-48654

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the Goo...

9.8CVSS

9.2AI Score

0.001EPSS

2023-12-25 06:15 AM
23
cve
cve

CVE-2023-51772

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a se...

8.8CVSS

8.5AI Score

0.001EPSS

2023-12-25 06:15 AM
20