Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-6707

Опубликовано: 19 окт. 2017
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

4.9.5+dfsg1-1
cosmic

not-affected

4.9.7+dfsg1-1
devel

not-affected

4.9.7+dfsg1-1
disco

not-affected

4.9.7+dfsg1-1
eoan

not-affected

4.9.7+dfsg1-1
esm-apps/bionic

not-affected

4.9.5+dfsg1-1
esm-apps/focal

not-affected

4.9.7+dfsg1-1
esm-apps/jammy

not-affected

4.9.7+dfsg1-1
esm-apps/noble

not-affected

4.9.7+dfsg1-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 40%
0.00182
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2012-6707

CVSS3: 7.5
nvd
около 8 лет назад

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions.

debian логотип

CVE-2012-6707

CVSS3: 7.5
debian
около 8 лет назад

WordPress through 4.8.2 uses a weak MD5-based password hashing algorit ...

github логотип

GHSA-75fw-m5qw-hfx6

CVSS3: 7.5
github
больше 3 лет назад

WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier for attackers to determine cleartext values by leveraging access to the hash values. NOTE: the approach to changing this may not be fully compatible with certain use cases, such as migration of a WordPress site from a web host that uses a recent PHP version to a different web host that uses PHP 5.2. These use cases are plausible (but very unlikely) based on statistics showing widespread deployment of WordPress with obsolete PHP versions.

EPSS

Процентиль: 40%
0.00182
Низкий

5 Medium

CVSS2

7.5 High

CVSS3