CVE-2014-2354CVE-2014-2354

Affected configuration(s):

cpe:/a:cogentdatahub:cogent_datahub:7.0
cpe:/a:cogentdatahub:cogent_datahub:7.0.2
cpe:/a:cogentdatahub:cogent_datahub:7.1.0
cpe:/a:cogentdatahub:cogent_datahub:7.1.1
cpe:/a:cogentdatahub:cogent_datahub:7.1.1.63
cpe:/a:cogentdatahub:cogent_datahub:7.1.2
cpe:/a:cogentdatahub:cogent_datahub:7.2.2
cpe:/a:cogentdatahub:cogent_datahub:7.3.0
cpe:/a:cogentdatahub:cogent_datahub:7.3.1
cpe:/a:cogentdatahub:cogent_datahub:7.3.2
cpe:/a:cogentdatahub:cogent_datahub:7.3.3
cpe:/a:cogentdatahub:cogent_datahub:7.3.4

Date published: 2014-05-30T19:55:02.987-04:00

Date last modified: 2014-06-05T08:40:41.283-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02

Summary: Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *