Password Manager Security Vulnerabilities and Issues — Password Manager CVE List

cve

CVE-2020-7962

An issue was discovered in One Identity Password Manager 5.8. An attacker could enumerate valid answers for a user. It is possible for an attacker to detect a valid answer based on the HTTP response content, and reuse this answer later for a password reset on a chosen password. The enumeration is p...

5.3CVSS

5.3AI Score

0.001EPSS

2020-11-13 07:15 PM

36

cve

CVE-2023-4003

One Identity Password Manager version 5.9.7.1 - An unauthenticated attacker with physical access to a workstation may upgrade privileges to SYSTEM through an unspecified method. CWE-250: Execution with Unnecessary Privileges.

7.6CVSS

6.5AI Score

0.001EPSS

2023-09-27 03:19 PM

30

cve

CVE-2023-48654

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: go to the Goo...

9.8CVSS

9.2AI Score

0.001EPSS

2023-12-25 06:15 AM

23

cve

CVE-2023-51772

One Identity Password Manager before 5.13.1 allows Kiosk Escape. This product enables users to reset their Active Directory passwords on the login screen of a Windows client. It launches a Chromium based browser in Kiosk mode to provide the reset functionality. The escape sequence is: wait for a se...

8.8CVSS

8.5AI Score

0.001EPSS

2023-12-25 06:15 AM

20