Skip to main content

Cryptographic Issues

CVE-2009-2951

Severity High
Score 7.5/10

Summary

Phenotype CMS before 2.9 does not use a random salt value for password encryption, which makes it easier for context-dependent attackers to determine cleartext passwords.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • PARTIAL
  • PARTIAL

CWE-310 - Cryptographic Issues

Cryptographic issues is a category of weaknesses related to the design and implementation of the confidentiality and integrity of data. If not addressed, the weaknesses in this category can lead to data quality degradation.

References

Advisory Timeline

  • Published