← back
CVE-2014-2354

Cogent DataHub Use of Password Hash With Insufficient Computational Effort

CVSS 6 EPSS 0.7%CWE-916
Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
AV:L/AC:H/Au:S/C:C/I:C/A:C
Affected products
Cogent · DataHub

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://cogentdatahub.com/Download_Software.htmlhttp://ics-cert.us-cert.gov/advisories/ICSA-14-149-02https://www.cisa.gov/news-events/ics-advisories/icsa-14-149-02