{"id":"CVE-2013-2120","details":"The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack.","modified":"2026-01-27T04:12:09.063181Z","published":"2020-02-11T20:15:11Z","withdrawn":"2026-01-27T04:12:09.063181Z","references":[{"type":"EVIDENCE","url":"http://openwall.com/lists/oss-security/2013/05/28/5"},{"type":"EVIDENCE","url":"http://openwall.com/lists/oss-security/2013/05/29/6"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=969421"},{"type":"FIX","url":"https://projects.kde.org/projects/kde/kdeplasma-addons/repository/revisions/36a1fe49cb70f717c4a6e9eeee2c9186503a8dce"},{"type":"WEB","url":"http://archives.neohapsis.com/archives/bugtraq/2013-05/0114.html"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}