Vulnerabilities > Use of Password Hash With Insufficient Computational Effort

DATE CVE VULNERABILITY TITLE RISK
2024-01-02 CVE-2022-3010 Use of Password Hash With Insufficient Computational Effort vulnerability in Priva TOP Control Suite 8.7.8.0
The Priva TopControl Suite contains predictable credentials for the SSH service, based on the Serial number.
network
low complexity
priva CWE-916
7.5
2023-11-02 CVE-2023-5846 Use of Password Hash With Insufficient Computational Effort vulnerability in Franklinfueling Ts-550 EVO Firmware 1.8.7.7299
Franklin Fueling System TS-550 versions prior to 1.9.23.8960 are vulnerable to attackers decoding admin credentials, resulting in unauthenticated access to the device.
network
low complexity
franklinfueling CWE-916
critical
9.8
2023-09-19 CVE-2022-47557 Use of Password Hash With Insufficient Computational Effort vulnerability in Ormazabal Ekorccp Firmware and Ekorrci Firmware
Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions.
local
low complexity
ormazabal CWE-916
6.1
2023-09-15 CVE-2023-4986 Use of Password Hash With Insufficient Computational Effort vulnerability in Supcon Inplant Scada
A vulnerability classified as problematic was found in Supcon InPlant SCADA up to 20230901.
local
high complexity
supcon CWE-916
2.5
2023-09-07 CVE-2023-41646 Use of Password Hash With Insufficient Computational Effort vulnerability in Perrymitchell Buttercup 2.20.3
Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/
network
low complexity
perrymitchell CWE-916
5.3
2023-08-24 CVE-2023-31412 Use of Password Hash With Insufficient Computational Effort vulnerability in Sick Lms500 Firmware, Lms511 Firmware and Lms531 Firmware
The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs.
network
low complexity
sick CWE-916
7.5
2023-07-07 CVE-2023-34433 Use of Password Hash With Insufficient Computational Effort vulnerability in Piigab M-Bus 900S Firmware
PiiGAB M-Bus stores passwords using a weak hash algorithm.
network
low complexity
piigab CWE-916
critical
9.8
2023-06-15 CVE-2023-33243 Use of Password Hash With Insufficient Computational Effort vulnerability in Starface
RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password.
network
high complexity
starface CWE-916
8.1
2023-03-13 CVE-2023-27580 Use of Password Hash With Insufficient Computational Effort vulnerability in Codeigniter Shield 1.0.0
CodeIgniter Shield provides authentication and authorization for the CodeIgniter 4 PHP framework.
network
high complexity
codeigniter CWE-916
5.9
2023-03-01 CVE-2023-0567 Use of Password Hash With Insufficient Computational Effort vulnerability in PHP
In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, password_verify() function may accept some invalid Blowfish hashes as valid.
local
low complexity
php CWE-916
6.2