CVE-2014-0841

CWE-3263 documents3 sources

Severity

5.3MEDIUM

EPSS

0.0%

top 93.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Rational Focal Point

Timeline

PublishedApr 27

Latest updateMay 14

Description

IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. IBM X-Force ID: 90704.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.8 | Impact: 3.4

Affected Packages1 packages

▶NVDibm/rational_focal_point5 versions+4

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-hqhm-w88m-83j6: IBM Rational Focal Point 6↗2022-05-14

▶

CVEList

CVE-2014-0841: IBM Rational Focal Point 6↗2018-04-27

▶