An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user's encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-10-27T13:28:10
Updated: 2024-08-04T10:58:40.273Z
Reserved: 2020-03-09T00:00:00
Link: CVE-2020-10256
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-10-27T14:15:13.453
Modified: 2024-11-21T04:55:04.880
Link: CVE-2020-10256
Redhat
No data.