How severe is CVE-2022-3875?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2022-3875?

This is classified as CWE-302, which is a common weakness in software security.

CVE-2022-3875 - HIGH Severity | CVSS 7.5

Vulnerability Description

A vulnerability classified as critical was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This vulnerability affects unknown code of the component API. The manipulation leads to authentication bypass by assumed-immutable data. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216244.

Related Vulnerabilities

CVE-2020-15074

HIGH

CVSS:7.5(High)

OpenVPN Access Server older than version 2.8.4 and version 2.9.5 generates new user authentication tokens instead of reusing exiting tokens on reconnect making it possible to circumvent the initial to...

CWE-3022020

CVE-2024-22179

HIGH

CVSS:7.5(High)

The application is vulnerable to an unauthenticated parameter manipulation that allows an attacker to set the credentials to blank giving her access to the admin panel. Also vulnerable to account take...

CWE-3022024

CVE-2024-3741

HIGH

CVSS:7.5(High)

Electrolink transmitters are vulnerable to an authentication bypass vulnerability affecting the login cookie. An attacker can set an arbitrary value except 'NO' to the login cookie and have full syste...

CWE-3022024

CVE-2025-24876

HIGH

CVSS:8.1(High)

The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting mal...

CWE-3022025

CVE-2022-2503

MEDIUM

CVSS:6.7(Medium)

Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads cu...

CWE-3022022

CVE-2024-47086

HIGH

CVSS:6.5(Medium)

This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vu...

CWE-3022024