CVE-2013-0173Improper Control of Interaction Frequency in Foreman

CWE-3103 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 42.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Theforeman Foreman
Timeline
PublishedMay 8
Latest updateMay 5

Description

Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-fpx2-5mc6-f8j5: Foreman before 12022-05-05
CVEList
CVE-2013-0173: Foreman before 12014-05-08
CVE-2013-0173 — Theforeman Foreman vulnerability | cvebase