Vulnerabilities > CVE-2022-29731 - Use of Password Hash With Insufficient Computational Effort vulnerability in ICT Protege GX Firmware and Protege WX Firmware

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ict
CWE-916

Summary

An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users.

Vulnerable Configurations

Part Description Count
OS
Ict
2
Hardware
Ict
2