CVE-2020-6824 - log back

CVE-2020-6824 edited at 08 Apr 2020 08:16:08
Description
- A security issue has been found in Firefox before 75.0.1, where generated passwords may be identical on the same site between separate private browsing sessions. Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent.
+ A security issue has been found in Firefox before 75.0, where generated passwords may be identical on the same site between separate private browsing sessions. Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent.
CVE-2020-6824 edited at 08 Apr 2020 08:14:24
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Information disclosure
Description
+ A security issue has been found in Firefox before 75.0.1, where generated passwords may be identical on the same site between separate private browsing sessions. Initially, a user opens a Private Browsing Window and generates a password for a site, then closes the Private Browsing Window but leaves Firefox open. Subsequently, if the user had opened a new Private Browsing Window, revisited the same site, and generated a new password - the generated passwords would have been identical, rather than independent.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6824
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1621853
Notes
CVE-2020-6824 created at 07 Apr 2020 15:00:24