CVE-2013-6445Redhat Enterprise MRG vulnerability

CWE-3105 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 46.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Enterprise MRG
Timeline
PublishedApr 30
Latest updateMay 13

Description

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-8v63-g483-vrxj: Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 22022-05-13
CVEList
CVE-2013-6445: Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 22014-04-30

📋Vendor Advisories

1
Red Hat
cumin: weak password hashing2014-04-28

💬Community

1
Bugzilla
CVE-2013-6445 cumin: weak password hashing2013-12-18
CVE-2013-6445 — Redhat Enterprise MRG vulnerability | cvebase