2 results (0.004 seconds)

CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0

CVE-2021-35052 – Kaspersky Password Manager Improper Privilege Management Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2021-35052

23 Nov 2021 — A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High. Un componente de Kaspersky Password Manager podría permitir a un atacante elevar el nivel de integridad de un proceso de Medio a Alto This vulnerability allows local attackers to escalate privileges on affected installations of Kaspersky Password Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability... • https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121 • CWE-269: Improper Privilege Management •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2020-27020

https://notcve.org/view.php?id=CVE-2020-27020

14 May 2021 — Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation). La funcionalidad password generator del programa Kaspersky Password Manager no era completamente segura desde el punto de vista criptográfico, y en algunos casos potencialmente permitía a un atacante predecir las contraseñas g... • https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421 • CWE-326: Inadequate Encryption Strength •