Vulnerability Database

309,136

Total vulnerabilities in the database

CVE-2023-4003

One Identity Password Manager version 5.9.7.1 - An unauthenticated attacker with physical access to a workstation may upgrade privileges to SYSTEM through an unspecified method. CWE-250: Execution with Unnecessary Privileges.

Published: Sep 27, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-4003
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.6
AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-250

Affected Software
References

Software	From	Fixed in
oneidentity / password_manager	5.12.0	5.12.2
oneidentity / password_manager	5.9.7.1	5.11.2

https://www.gov.il/en/Departments/faq/cve_advisories

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo