EUVD-2021-27080
ID: EUVD-2021-27080
Severity: critical
CVSS v4: Not provided
CVSS v3: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CWE: None listed
Source: ENISA
Description
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password provided by the user and the MD5 hash stored in the database. An attacker with a specific formatted password could exploit this vulnerability in order to login in the system with different passwords.
Timestamps
- Normalized:
- Last updated:
References
No references provided.