CVE-2024-24553

Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure function.
CVSS

No CVSS.

Configurations

No configuration.

History

21 Nov 2024, 08:59

Type Values Removed Values Added
References () https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/ - () https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/ -

24 Jun 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) Bludit utiliza el algoritmo hash SHA-1 para calcular hashes de contraseñas. Por lo tanto, los atacantes podrían determinar contraseñas de texto sin cifrar con ataques de fuerza bruta debido a la velocidad inherente de SHA-1. Además, la sal que calcula Bludit se genera con una función no criptográficamente segura.

24 Jun 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-24 07:15

Updated : 2024-11-21 08:59


NVD link : CVE-2024-24553

Mitre link : CVE-2024-24553

CVE.ORG link : CVE-2024-24553


JSON object : View

Products Affected

No product.

CWE
CWE-916

Use of Password Hash With Insufficient Computational Effort