PT-2022-27737 · Click Studios · Click Studios Passwordstate Browser Extension Chrome+1

Constantin Müller

Published

2022-12-19

Updated

2022-12-24

CVE-2022-4610

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Click Studios Passwordstate (affected versions not specified) Click Studios Passwordstate Browser Extension Chrome (affected versions not specified)

Description A problematic vulnerability has been found, affecting some unknown functionality. The manipulation leads to the use of a risky cryptographic algorithm. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327CWE-310

Related Identifiers

CVE-2022-4610

Affected Products

Click Studios Passwordstate

Click Studios Passwordstate Browser Extension Chrome

PT-2022-27737 · Click Studios · Click Studios Passwordstate Browser Extension Chrome+1

CVE-2022-4610

Weakness Enumeration

Related Identifiers

Affected Products

References · 7