Описание
An issue was discovered in Icinga 2.x through 2.8.1. The lack of a constant-time password comparison function can disclose the password to an attacker.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.0.0 (включая) до 2.8.1 (включая)
cpe:2.3:a:icinga:icinga:*:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00381
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.1
ubuntu
почти 8 лет назад
An issue was discovered in Icinga 2.x through 2.8.1. The lack of a constant-time password comparison function can disclose the password to an attacker.
CVSS3: 8.1
debian
почти 8 лет назад
An issue was discovered in Icinga 2.x through 2.8.1. The lack of a con ...
CVSS3: 8.1
github
больше 3 лет назад
An issue was discovered in Icinga 2.x through 2.8.1. The lack of a constant-time password comparison function can disclose the password to an attacker.
EPSS
Процентиль: 59%
0.00381
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
NVD-CWE-noinfo