CVE-2024-8453
CVSS V2 None
CVSS V3 None
Description
Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files to obtain the hash values, and potentially crack them to retrieve the plaintext passwords.
Overview
- CVE ID
- CVE-2024-8453
- Assigner
- twcert
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-30T07:12:14.782Z
- Last Modified Date
- 2024-09-30T15:47:03.144Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-8055-2c361-1.html | third-party-advisory |
https://www.twcert.org.tw/en/cp-139-8056-09688-2.html | third-party-advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-8453 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8453 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-10-06 19:37:28 | Added to TrackCVE |