PT-2018-14531 · Appgini · Bigprof Appgini

Published

2018-10-23

Updated

2019-01-10

CVE-2018-18587

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions BigProf AppGini version 5.70

Description The issue concerns the storage of passwords in the database using the MD5 hash, which is considered insecure.

Recommendations For BigProf AppGini version 5.70, consider updating the password storage mechanism to a more secure hashing algorithm. As a temporary workaround, restrict access to sensitive data and consider rehashing existing passwords with a stronger algorithm.

Fix

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327

Related Identifiers

CVE-2018-18587

Affected Products

Bigprof Appgini

PT-2018-14531 · Appgini · Bigprof Appgini

CVE-2018-18587

Weakness Enumeration

Related Identifiers

Affected Products

References · 3