Описание
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
Ссылки
- Broken Link
- Broken Link
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken Link
- ExploitIssue Tracking
- Third Party Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkVendor Advisory
- Third Party AdvisoryVDB Entry
- Mailing List
- Mailing List
- Broken Link
- Broken Link
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
- Broken Link
- ExploitIssue Tracking
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
9.8 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash o ...
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
EPSS
9.8 Critical
CVSS3
6.8 Medium
CVSS2