Описание
The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 7 (включая)
cpe:2.3:a:blackboard:blackboard_academic_suite:*:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00611
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string.
EPSS
Процентиль: 69%
0.00611
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-287