Weak Password Hashing Algorithm in Zenoss Core 5 Beta 3 (ZEN-15413)

Weak Password Hashing Algorithm in Zenoss Core 5 Beta 3 (ZEN-15413)

CVE-2014-9251 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Zenoss Core through 5 Beta 3 uses a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack on hash values in the database, aka ZEN-15413.

Learn more about our Web Application Penetration Testing UK.