CVE Daily

CVE-2018-19863

An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A ...

Medium CVSS 5.5

Overview

An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error logging resulted in instances where sensitive data passed from Safari to 1Password could be logged locally on the user's machine. This data could include usernames and passwords that a user manually entered into Safari.

CWE: CWE-532 Published: 2018-12-22T15:29:00.230
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.5 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags