CVE-2024-24553
CVSS V2 None
CVSS V3 None
Description
Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure function.
Overview
- CVE ID
- CVE-2024-24553
- Assigner
- NCSC.ch
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-06-24T07:10:03.585Z
- Last Modified Date
- 2024-06-24T14:07:23.855Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/ |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-24553 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24553 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 17:44:55 | Added to TrackCVE |