Weak Password Hash Storage in IBM Endpoint Manager and Tivoli Remote Control

Weak Password Hash Storage in IBM Endpoint Manager and Tivoli Remote Control

CVE-2013-5461 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309.

Learn more about our Web Application Penetration Testing UK.