Vulnerabilities > Use of Password Hash With Insufficient Computational Effort
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-30 | CVE-2024-23091 | Use of Password Hash With Insufficient Computational Effort vulnerability in Digitaldruid Hoteldruid Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to obtain plaintext passwords from hash values. | 7.5 |
| 2024-06-12 | CVE-2024-3183 | Use of Password Hash With Insufficient Computational Effort vulnerability in Redhat products A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. | 8.1 |
| 2024-06-11 | CVE-2024-21754 | Use of Password Hash With Insufficient Computational Effort vulnerability in Fortinet Fortios and Fortiproxy A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged attacker with super-admin profile and CLI access to decrypting the backup file. | 4.4 |
| 2024-01-02 | CVE-2022-3010 | Use of Password Hash With Insufficient Computational Effort vulnerability in Priva TOP Control Suite 8.7.8.0 The Priva TopControl Suite contains predictable credentials for the SSH service, based on the Serial number. | 7.5 |
| 2023-11-02 | CVE-2023-5846 | Use of Password Hash With Insufficient Computational Effort vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299 Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device. | 9.8 |
| 2023-09-19 | CVE-2022-47557 | Use of Password Hash With Insufficient Computational Effort vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions. | 6.1 |
| 2023-09-15 | CVE-2023-4986 | Use of Password Hash With Insufficient Computational Effort vulnerability in Supcon Inplant Scada 20230901 A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901. | 2.5 |
| 2023-09-07 | CVE-2023-41646 | Use of Password Hash With Insufficient Computational Effort vulnerability in Perrymitchell Buttercup 2.20.3 Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/ | 5.3 |
| 2023-08-24 | CVE-2023-31412 | Use of Password Hash With Insufficient Computational Effort vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. | 7.5 |
| 2023-07-07 | CVE-2023-34433 | Use of Password Hash With Insufficient Computational Effort vulnerability in Piigab M-Bus 900S Firmware PiiGAB M-Bus stores passwords using a weak hash algorithm. | 9.8 |