CVE-2022-42931

CVSS v3.1 3.3 (Low)

EPSS 0.04 % (13^th)

Affected Products 1

Advisories 3

Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username (not password) was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox < 106.

Weaknesses

CWE-922: Insecure Storage of Sensitive Information

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2022-12-22 20:15:41
(21 months ago)
Updated Date: 2023-01-04 02:42:11
(20 months ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox prior 106.0 version	cpe:2.3:a:mozilla:firefox		< 106.0