Description
Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).
References (1)
Core 1
Core References
Broken Link x_refsource_misc
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421
Scores
CVSS v3
7.5
EPSS
0.0074
EPSS Percentile
49.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-326
Status
published
Products (4)
kaspersky/password_manager
9.2
kaspersky/password_manager
< 9.2
kaspersky/password_manager
< 9.2.14.31
kaspersky/password_manager
< 9.2.14.872
Published
May 14, 2021
Tracked Since
Feb 18, 2026