← voltar
CVE-2021-32519

QSAN Storage Manager, XEVO, SANOS - Use of Password Hash With Insufficient Computational Effort

CVSS 9.8 CRITICALEPSS 0.9%CWE-916
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to recover the plain-text password by brute-forcing the MD5 hash. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.2, QSAN XEVO v2.1.0, and QSAN SANOS v2.1.0.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
QSAN · SANOSQSAN · Storage ManagerQSAN · XEVO

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.twcert.org.tw/tw/cp-132-4875-692f0-1.html