exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2024-25607

почти 2 года назад

The default password hashing algorithm (PBKDF2-HMAC-SHA1) in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions defaults to a low work factor, which allows attackers to quickly crack password hashes.

CVSS3: 8.1

EPSS: Низкий

GHSA-43h9-p3j4-39hm

почти 2 года назад

Liferay Portal defaults to a low work factor for the default password hashing algorithm

CVSS3: 8.1

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2024-25607 The default password hashing algorithm (PBKDF2-HMAC-SHA1) in Liferay Portal 7.2.0 through 7.4.3.15, and older unsupported versions, and Liferay DXP 7.4 before update 16, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions defaults to a low work factor, which allows attackers to quickly crack password hashes.	CVSS3: 8.1	0% Низкий	почти 2 года назад
	GHSA-43h9-p3j4-39hm Liferay Portal defaults to a low work factor for the default password hashing algorithm	CVSS3: 8.1	0% Низкий	почти 2 года назад

Уязвимостей на страницу