Vulnerabilities > Use of Password Hash With Insufficient Computational Effort
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-16 | CVE-2022-26115 | Use of Password Hash With Insufficient Computational Effort vulnerability in Fortinet Fortisandbox A use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox before 4.2.0 may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords. | 7.5 |
| 2023-01-31 | CVE-2022-40258 | Use of Password Hash With Insufficient Computational Effort vulnerability in AMI Megarac Spx-12 and Megarac Spx-13 AMI Megarac Weak password hashes for Redfish & API | 5.3 |
| 2023-01-20 | CVE-2022-47732 | Use of Password Hash With Insufficient Computational Effort vulnerability in Yeastar N412 Firmware and N824 Firmware In Yeastar N412 and N824 Configuration Panel 42.x and 45.x, an unauthenticated attacker can create backup file and download it, revealing admin hash, allowing, once cracked, to login inside the Configuration Panel, otherwise, replacing the hash in the archive and restoring it on the device which will change admin password granting access to the device. | 7.5 |
| 2022-12-26 | CVE-2020-12069 | Use of Password Hash With Insufficient Computational Effort vulnerability in Pilz PMC 3.0.0 In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. | 9.8 |
| 2022-09-08 | CVE-2022-37163 | Use of Password Hash With Insufficient Computational Effort vulnerability in Ihatetobudget Project Ihatetobudget 1.5.7 Bminusl IHateToBudget v1.5.7 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. | 9.8 |
| 2022-09-08 | CVE-2022-37164 | Use of Password Hash With Insufficient Computational Effort vulnerability in Ontrack Project Ontrack 3.4 Inoda OnTrack v3.4 employs a weak password policy which allows attackers to potentially gain unauthorized access to the application via brute-force attacks. | 9.8 |
| 2022-06-02 | CVE-2022-29731 | Use of Password Hash With Insufficient Computational Effort vulnerability in ICT Protege GX Firmware and Protege WX Firmware An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users. | 4.0 |
| 2022-05-25 | CVE-2021-32997 | Use of Password Hash With Insufficient Computational Effort vulnerability in Bakerhughes products The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. | 5.0 |
| 2022-05-19 | CVE-2020-16231 | Use of Password Hash With Insufficient Computational Effort vulnerability in Bachmann products The affected Bachmann Electronic M-Base Controllers of version MSYS v1.06.14 and later use weak cryptography to protect device passwords. | 6.5 |
| 2022-05-10 | CVE-2022-24041 | Use of Password Hash With Insufficient Computational Effort vulnerability in Siemens products A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). | 6.5 |