Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-9034

Опубликовано: 25 нояб. 2014
Источник: nvd
CVSS2: 5
EPSS Высокий

Описание

wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*
Версия до 3.7.4 (включая)
cpe:2.3:a:wordpress:wordpress:3.8:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.8.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.8.2:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.8.3:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.8.4:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.9:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:3.9.2:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.72483
Высокий

5 Medium

CVSS2

Дефекты

CWE-19

Связанные уязвимости

ubuntu логотип

CVE-2014-9034

ubuntu
больше 10 лет назад

wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.

debian логотип

CVE-2014-9034

debian
больше 10 лет назад

wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3 ...

github логотип

GHSA-wh45-5f5h-v3mq

github
около 3 лет назад

wp-includes/class-phpass.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to cause a denial of service (CPU consumption) via a long password that is improperly handled during hashing, a similar issue to CVE-2014-9016.

EPSS

Процентиль: 99%
0.72483
Высокий

5 Medium

CVSS2

Дефекты

CWE-19