Vulnerabilities > CVE-2019-12737 - Use of Password Hash With Insufficient Computational Effort vulnerability in Jetbrains Ktor

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
jetbrains
CWE-916

Summary

UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials.