CVE-2024-38881

HIGH Year: 2024
CVSS v3 Score
7.5
High
Weakness Type
CWE-760
View all →

Vulnerability Description

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Rainbow Table Password cracking attack due to the use of one-way hashes without salts when storing user passwords.

Related Vulnerabilities

CVE-2024-13951

MEDIUM
CVSS:7.6(High)

One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRI...

CWE-7602024

CVE-2023-22599

CRITICAL
CVSS:9.1(Critical)

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Sal...

CWE-7602023

CVE-2023-22599

CRITICAL
CVSS:9.1(Critical)

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-760: Use of a One-way Hash with a Predictable Sal...

CWE-7602023

CVE-2024-13951

MEDIUM
CVSS:7.6(High)

One way hash with predictable salt vulnerabilities in ASPECT may expose sensitive information to a potential attackerThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRI...

CWE-7602024

CVE-2020-28214

MEDIUM
CVSS:5.5(Medium)

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictionar...

CWE-7602020

CVE-2018-5552

LOW
CVSS:3.3(Low)

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper".

CWE-7602018