CVE-2014-0841

Опубликовано: 27 апр. 2018

Источник: nvd

CVSS3: 5.3

CVSS2: 2.1

EPSS Низкий

Описание

IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. IBM X-Force ID: 90704.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/90704
VDB Entry
Vendor Advisory
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-weak-password-hash-vulnerability-in-rational-focalpoint-cve-2014-0841/
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/90704
VDB Entry
Vendor Advisory
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-weak-password-hash-vulnerability-in-rational-focalpoint-cve-2014-0841/
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:rational_focal_point:6.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_focal_point:6.4.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_focal_point:6.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_focal_point:6.5.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_focal_point:6.6:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00023

Низкий

5.3 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-326

Связанные уязвимости

GHSA-hqhm-w88m-83j6