PT-2013-1288 · Linter · Linter Bastion

Published 2013-11-25 · Updated 2013-11-25

CVSS v2.0: 7.2 High

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linter Bastion (affected versions not specified)

Description: The Linter Bastion database management system encrypts user passwords with an insecure algorithm. A password can be recovered from its ciphertext in under a second. For example, in the service file "3.11" at offset 4203, the system stores an 18-byte encrypted administrator password. An attacker who obtains this value can quickly recover both the administrator's password and login. The login can be recovered because it is used as the encryption key.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of a Broken Cryptographic Algorithm

Weakness Enumeration

Related Identifiers

BDU:2015-10118

Affected Products

Linter Bastion