Vulnerabilities > Use of Password Hash With Insufficient Computational Effort
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-17 | CVE-2020-14389 | Use of Password Hash With Insufficient Computational Effort vulnerability in Redhat Keycloak It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have. | 8.1 |
2020-11-09 | CVE-2020-27693 | Use of Password Hash With Insufficient Computational Effort vulnerability in Trendmicro Interscan Messaging Security Virtual Appliance 8.5.1.1516/9.0/9.1 Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated. | 2.1 |
2020-10-16 | CVE-2019-12305 | Use of Password Hash With Insufficient Computational Effort vulnerability in Actions-Micro Ezcast PRO II Firmware In EZCast Pro II, the administrator password md5 hash is provided upon a web request. | 3.3 |
2020-08-25 | CVE-2020-14512 | Use of Password Hash With Insufficient Computational Effort vulnerability in Secomea Gatemanager 8250 Firmware GateManager versions prior to 9.2c, The affected product uses a weak hash type, which may allow an attacker to view user passwords. | 5.0 |
2020-07-14 | CVE-2020-10040 | Use of Password Hash With Insufficient Computational Effort vulnerability in Siemens products A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). | 2.1 |
2020-06-19 | CVE-2017-18917 | Use of Password Hash With Insufficient Computational Effort vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. | 5.0 |
2020-06-15 | CVE-2020-0533 | Use of Password Hash With Insufficient Computational Effort vulnerability in Intel Converged Security Management Engine Firmware Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access. | 4.6 |
2020-03-24 | CVE-2019-20575 | Use of Password Hash With Insufficient Computational Effort vulnerability in Google Android 9.0 An issue was discovered on Samsung mobile devices with P(9.0) software. | 4.8 |
2020-02-12 | CVE-2014-2560 | Use of Password Hash With Insufficient Computational Effort vulnerability in Phoner Phonerlite The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue. | 4.3 |
2020-02-12 | CVE-2009-5139 | Use of Password Hash With Insufficient Computational Effort vulnerability in Google Gizmo5 The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue. | 4.3 |