Vulnerabilities > Use of Password Hash With Insufficient Computational Effort
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-04 | CVE-2021-32596 | Use of Password Hash With Insufficient Computational Effort vulnerability in Fortinet Fortiportal A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables. | 5.0 |
| 2021-07-21 | CVE-2021-22774 | Use of Password Hash With Insufficient Computational Effort vulnerability in Schneider-Electric products A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could lead an attacker to get knowledge of charging station user account credentials using dictionary attacks techniques. | 5.0 |
| 2021-07-07 | CVE-2021-32519 | Use of Password Hash With Insufficient Computational Effort vulnerability in Qsan Sanos, Storage Manager and Xevo Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to recover the plain-text password by brute-forcing the MD5 hash. | 5.0 |
| 2021-06-16 | CVE-2020-25754 | Use of Password Hash With Insufficient Computational Effort vulnerability in Enphase Envoy Firmware D4.0/R3.0 An issue was discovered on Enphase Envoy R3.x and D4.x devices. | 5.0 |
| 2021-05-26 | CVE-2021-22741 | Use of Password Hash With Insufficient Computational Effort vulnerability in Schneider-Electric products Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA (all versions), EcoStruxure Geo SCADA Expert 2019 (all versions), and EcoStruxure Geo SCADA Expert 2020 (V83.7742.1 and prior), which could cause the revealing of account credentials when server database files are available. | 4.6 |
| 2021-05-24 | CVE-2021-33563 | Use of Password Hash With Insufficient Computational Effort vulnerability in Koel Koel before 5.1.4 lacks login throttling, lacks a password strength policy, and shows whether a failed login attempt had a valid username. | 5.0 |
| 2021-04-02 | CVE-2019-20466 | Use of Password Hash With Insufficient Computational Effort vulnerability in Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 Firmware An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. | 7.2 |
| 2021-03-18 | CVE-2020-14516 | Use of Password Hash With Insufficient Computational Effort vulnerability in Rockwellautomation Factorytalk Services Platform 6.10.00/6.11.00 In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue with the implementation of the SHA-256 hashing algorithm with FactoryTalk Services Platform that prevents the user password from being hashed properly. | 7.5 |
| 2021-03-17 | CVE-2020-28873 | Use of Password Hash With Insufficient Computational Effort vulnerability in Fluxbb 1.5.11 Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. | 7.8 |
| 2021-01-26 | CVE-2020-6780 | Use of Password Hash With Insufficient Computational Effort vulnerability in Bosch Fsm-2500 Firmware and Fsm-5000 Firmware Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash. | 4.0 |