PT-2022-15945 · Bigant · Bigant Server

Published

2022-03-21

Updated

2022-04-27

CVE-2022-23348

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions BigAnt Server version 5.6.06

Description The issue is related to the use of weak password hashes in BigAnt Server.

Recommendations For version 5.6.06, consider updating the password hashing mechanism to a stronger alternative to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to sensitive areas of the server that rely on password authentication until a more secure hashing method is implemented.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-916

Related Identifiers

CVE-2022-23348

Affected Products

Bigant Server

PT-2022-15945 · Bigant · Bigant Server

CVE-2022-23348

Weakness Enumeration

Related Identifiers

Affected Products

References · 6