CVE-2019-10884

Name: CVE-2019-10884
Creator: NVD / NIST
Published: 2019-04-05T17:29:00.29+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.23%

Last modified Jun 17, 2026

CVE-2019-10884 is a vulnerability of currently unknown severity. Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. EPSS estimates a 1.23% chance of exploitation in the next 30 days.

Description

Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing campaigns and create a sense of false security.

Metrics

EPSS Probability

1.23%

65.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-287

Affected Software

Vendor	Product	Versions
Uniqkey	Password Manager	1.14

References

https://vuldb.com/?id.133069Third Party Advisory
https://vuldb.com/?id.133069Third Party Advisory

Timeline

Published: Apr 5, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-10884?

How severe is CVE-2019-10884?

Severity scoring for CVE-2019-10884 is pending analysis. The EPSS model estimates a 1.23% probability of exploitation in the next 30 days.

How do I fix CVE-2019-10884?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-10884?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST