Lucene search
Veracode Vulnerability DatabaseVERACODE:4302HistoryMay 26, 2017 - 7:06 a.m.
Weak Hash Algorithm Without Salt
2017-05-2607:06:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.007
Percentile
79.7%
dolibarr/dolibarr is vulnerable to using a weak hash algorithm without salt. The library does not encrypt its passwords with a salt, meaning that the password hash stored on the system can be easily brute forced.
Related
cvelist
cvelist
CVE-2017-7888
2017-05-10 14:00:00
cve
cve
CVE-2017-7888
2017-05-10 14:29:00
prion
prion
Design/Logic Flaw
2017-05-10 14:29:00
nvd
nvd
CVE-2017-7888
2017-05-10 14:29:00
osv
osv
Dolibarr ERP and CRM Insecure Encryption
2022-05-17 02:45:41
CVE-2017-7888
2017-05-10 14:29:00
ubuntucve
ubuntucve
CVE-2017-7888
2017-05-10 00:00:00
github
github
Dolibarr ERP and CRM Insecure Encryption
2022-05-17 02:45:41
packetstorm
packetstorm
Dolibarr 4.0.4 SQL Injection / XSS / Weaknesses
2017-05-10 00:00:00
zdt
zdt
Dolibarr 4.0.4 SQL Injection / XSS / Weaknesses Vulnerabilities
2017-05-11 00:00:00
openvas
openvas
Dolibarr <= 4.0.4 Multiple Vulnerabilities - Active Check
2017-05-15 00:00:00