← voltar
CVE-2020-6780

Password Hash With Insufficient Computational Effort in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server

CVSS 4.4 MEDIUMEPSS 0.6%CWE-916
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin privileges to dump the credentials of other users and possibly recover their plain-text passwords by brute-forcing the MD5 hash.
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
Bosch · FSM-2500Bosch · FSM-5000

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://psirt.bosch.com/security-advisories/BOSCH-SA-332072-BT.html