PT-2002-2632 · Click2Learn · Click2Learn Ingenium Learning Management System
Published
2002-12-31
·
Updated
2024-02-14
·
CVE-2002-1910
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Click2Learn Ingenium Learning Management System versions 5.1 through 6.1
Description
The issue concerns the use of weak encryption for passwords in the affected software, specifically a reversible algorithm. This weakness allows attackers to obtain passwords.
Recommendations
For versions 5.1 through 6.1, consider implementing a stronger encryption method for password storage to prevent attackers from obtaining passwords.
As a temporary workaround, restrict access to sensitive areas of the system to minimize the risk of exploitation.
Exploit
Fix
Inadequate Encryption Strength
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Click2Learn Ingenium Learning Management System