CVE-2022-4610

Click Studios Passwordstate risky encryption

CVSS 1.9 LOWEPSS 0.2%CWE-310

A vulnerability, which was classified as problematic, has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected by this issue is some unknown functionality. The manipulation leads to risky cryptographic algorithm. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-216272.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N

Affected products

Click Studios · Passwordstate Click Studios · Passwordstate Browser Extension Chrome

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html https://vuldb.com/?id.216272 https://www.modzero.com/static/MZ-22-03_Passwordstate_Security_Disclosure_Report-v1.0.pdf