Name of the Vulnerable Software and Affected Versions Линтер Бастион (affected versions not specified)

Description The issue concerns the storage of user accounts in the system table "$$$USR", which contains usernames and encrypted passwords. By default, the database management system uses the username as the encryption key, storing it alongside the ciphertext. Alternatively, it offers password hashing using the MD5 algorithm, which is outdated and not recommended for systems with high security requirements.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.